Chapter 37 - The dovecot authenticator
This authenticator is an interface to the authentication facility of the Dovecot POP/IMAP server, which can support a number of authentication methods. If you are using Dovecot to authenticate POP/IMAP clients, it might be helpful to use the same mechanisms for SMTP authentication. This is a server authenticator only. There is only one option:
server_socket | Use: dovecot | Type: string | Default: unset |
This option must specify the socket that is the interface to Dovecot authentication. The public_name option must specify an authentication mechanism that Dovecot is configured to support. You can have several authenticators for different mechanisms. For example:
dovecot_plain: driver = dovecot public_name = PLAIN server_socket = /var/run/dovecot/auth-client server_set_id = $auth2 dovecot_ntlm: driver = dovecot public_name = NTLM server_socket = /var/run/dovecot/auth-client server_set_id = $auth1
If the SMTP connection is encrypted, or if $sender_host_address is equal to $received_ip_address (that is, the connection is local), the “secured” option is passed in the Dovecot authentication command. If, for a TLS connection, a client certificate has been verified, the “valid-client-cert” option is passed. When authentication succeeds, the identity of the user who authenticated is placed in $auth1.