diff options
author | Jeremy Harris <jgh146exb@wizmail.org> | 2023-01-30 13:31:40 +0000 |
---|---|---|
committer | Jeremy Harris <jgh146exb@wizmail.org> | 2023-01-30 13:34:33 +0000 |
commit | 04e5caa9a7e84b2afca642d28096d988cb6802e7 (patch) | |
tree | 47a499d034d1c66151c8d8d38ebfc12a25c00ca2 /doc | |
parent | 9ee30919f807678b0bc9f675dcfa73225b486574 (diff) | |
download | exim4-04e5caa9a7e84b2afca642d28096d988cb6802e7.tar.gz |
Testsuite: dovecot suthenticator testing
Diffstat (limited to 'doc')
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index dc4e38c4a..fd2b47f22 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -28293,7 +28293,7 @@ Dovecot 2 POP/IMAP server, which can support a number of authentication methods. Note that Dovecot must be configured to use auth-client not auth-userdb. If you are using Dovecot to authenticate POP/IMAP clients, it might be helpful to use the same mechanisms for SMTP authentication. This is a server -authenticator only. There is only one option: +authenticator only. There is only one non-generic option: .option server_socket dovecot string unset @@ -28305,6 +28305,7 @@ authenticators for different mechanisms. For example: dovecot_plain: driver = dovecot public_name = PLAIN + server_advertise_condition = ${if def:tls_in_cipher} server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 @@ -28314,6 +28315,13 @@ dovecot_ntlm: server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 .endd + +.new +&*Note*&: plaintext authentication methods such as PLAIN and LOGIN +should not be advertised on cleartext SMTP connections. +See the discussion in section &<<SECTplain_TLS>>&. +.wen + If the SMTP connection is encrypted, or if &$sender_host_address$& is equal to &$received_ip_address$& (that is, the connection is local), the &"secured"& option is passed in the Dovecot authentication command. If, for a TLS |