Re: Is multi factor authentication practical/feasible?

2022-07-14 Thread Michael Peddemors
On 2022-07-14 10:12, Michael Slusarz wrote: On 07/07/2022 5:24 AM Aki Tuomi wrote: FWIW I think OAuth2 is the modern way to do actually MFA authentication. There is some progress in Mozilla world (and hopefully other mail clients) to allow OAuth2 to work outside the "big three" circle.

Re: Is multi factor authentication practical/feasible?

2022-07-14 Thread Michael Slusarz
> On 07/07/2022 5:24 AM Aki Tuomi wrote: > > FWIW I think OAuth2 is the modern way to do actually MFA authentication. > There is some progress in Mozilla world (and hopefully other mail clients) to > allow OAuth2 to work outside the "big three" circle. Mostly this is *client > development

Re: Is multi factor authentication practical/feasible?

2022-07-07 Thread Aki Tuomi
> On 07/07/2022 01:12 EEST Michael Peddemors wrote: > > > On 2022-07-06 10:17, gene heskett wrote: > >> As far as I can see from what I tested today (mainly switching my > >> Thunderbird from "Normal Password" to "OAuth"), Clients effectively > >> *have* to be "also a browser" (rendering

Re: Is multi factor authentication practical/feasible?

2022-07-06 Thread gene heskett
On 7/6/22 18:15, Michael Peddemors wrote: On 2022-07-06 10:17, gene heskett wrote: As far as I can see from what I tested today (mainly switching my Thunderbird from "Normal Password" to "OAuth"), Clients effectively *have* to be "also a browser" (rendering the HTML for O365's login prompts,

Re: Is multi factor authentication practical/feasible?

2022-07-06 Thread Michael Peddemors
On 2022-07-06 10:17, gene heskett wrote: As far as I can see from what I tested today (mainly switching my Thunderbird from "Normal Password" to "OAuth"), Clients effectively *have* to be "also a browser" (rendering the HTML for O365's login prompts, accepting and sending user input, storing

Re: Is multi factor authentication practical/feasible?

2022-07-06 Thread gene heskett
On 7/6/22 12:09, Jochen Bern wrote: On 01.07.22 20:02, Jochen Bern wrote: *Totally* theorizing here, but as far as I'm aware, the SMTP (AUTH), POP, and IMAP protocol definitions do not provide elbow room to make *two* rounds of authentication. (Ever pondered why the admin can require O365

Re: Is multi factor authentication practical/feasible?

2022-07-06 Thread Jochen Bern
On 01.07.22 20:02, Jochen Bern wrote: *Totally* theorizing here, but as far as I'm aware, the SMTP (AUTH), POP, and IMAP protocol definitions do not provide elbow room to make *two* rounds of authentication. (Ever pondered why the admin can require O365 users to "use 2FA", but users then are

Re: Is multi factor authentication practical/feasible?

2022-07-04 Thread gene heskett
On 7/4/22 15:32, Michael Peddemors wrote: It IS possible to use 2FA on Dovecot, but it would be better if Dovecot supported options by Plugins to control what supported 2FA options are supported in the CAPABILITIES string.  (Ongoing problem getting more power in the handles of 3rd party

Re: Is multi factor authentication practical/feasible?

2022-07-04 Thread Michael Peddemors
It IS possible to use 2FA on Dovecot, but it would be better if Dovecot supported options by Plugins to control what supported 2FA options are supported in the CAPABILITIES string. (Ongoing problem getting more power in the handles of 3rd party plugins for Dovecot, politics.. ) HOWEVER,

Re: Is multi factor authentication practical/feasible?

2022-07-03 Thread John Gateley
Disclaimer: I work for Auth0 (now Okta) On 7/3/22 9:40 AM, Paul Kudla (SCOM.CA Internet Services Inc.) wrote: It seems any kind of dual auth will need a security app running on YOUR server saving tokens, logins etc etc Not necessarily. With Auth0, the IDP runs on Auth0's server. You are

Re: Is multi factor authentication practical/feasible?

2022-07-03 Thread Paul Kudla (SCOM.CA Internet Services Inc.)
Please note this is my opinion only. It seems any kind of dual auth will need a security app running on YOUR server saving tokens, logins etc etc. This is what led to Microsoft, Gmail etc having their own API which will only work for them. This is also (mainly because of https authing the

Re: Is multi factor authentication practical/feasible?

2022-07-03 Thread John Gateley
On 7/3/22 8:31 AM, John Gateley wrote: The protocols were designed long before SAML and OIDC. SAML/OIDC give you more control over authn/z and allow easily adding in MFA or other different types of auth. To do this right, you'd need to extend the protocol to allow OIDC or SAML. I did find

Re: Is multi factor authentication practical/feasible?

2022-07-03 Thread John Gateley
On 7/1/22 1:02 PM, Jochen Bern wrote: On 27.06.22 00:52, Steve Dondley wrote: I have a small client whose insurance company insists they have MFA for their email to be covered under some kind of data protection policy. *Totally* theorizing here, but as far as I'm aware, the SMTP (AUTH), POP,

Re: Is multi factor authentication practical/feasible?

2022-07-03 Thread Sam Kuper
On Sat, Jul 02, 2022 at 07:32:21AM -0800, justina colmena ~biz wrote: > Guns are banned and there's a night guard with a Big Mag flashlight or > a billy club walking the beat around the bank, kicking a homeless man > who fell asleep on the sidewalk to tell him wake up or your pocket's > going be

Re: Is multi factor authentication practical/feasible?

2022-07-02 Thread justina colmena ~biz
Guns are banned and there's a night guard with a Big Mag flashlight or a billy club walking the beat around the bank, kicking a homeless man who fell asleep on the sidewalk to tell him wake up or your pocket's going be picked clean by morning, because you've got too much money in your name for

RE: Is multi factor authentication practical/feasible?

2022-07-02 Thread Marc
> > I have a small client whose insurance company insists they > have MFA for their email to be covered under some kind of data > protection policy. Currently I have the client set up on a Debian box > for the email server coupled with roundcube for webmail. Most the users > just

Re: Is multi factor authentication practical/feasible?

2022-07-01 Thread Rick Romero
Quoting Jochen Bern : On 27.06.22 00:52, Steve Dondley wrote: I have a small client whose insurance company insists they have MFA for their email to be covered under some kind of data protection policy. Currently I have the client set up on a Debian box for the email server coupled with

Re: Is multi factor authentication practical/feasible?

2022-07-01 Thread Jochen Bern
On 27.06.22 00:52, Steve Dondley wrote: I have a small client whose insurance company insists they have MFA for their email to be covered under some kind of data protection policy. Currently I have the client set up on a Debian box for the email server coupled with roundcube for webmail. Most

Re: Is multi factor authentication practical/feasible?

2022-06-27 Thread justina colmena ~biz
I don't see why not. Dovecot and Postfix are entirely configurable to connect to and use any desired authentication mechanism through certain basic interfaces. The main problem I have experienced with MFA is a continual battle with extortion, "long cons," and thievery in law -- that the

Re: Is multi factor authentication practical/feasible?

2022-06-26 Thread Sam Kuper
On Sun, Jun 26, 2022 at 06:52:05PM -0400, Steve Dondley wrote: > I know roundcube offers a MFA plugin. But I don’t have the foggiest > idea how an iPhone, Android device, or Outlook could all be set up > to work with MFA with a standard dovecot/postfix setup. I'm currently vague on whether/how

Is multi factor authentication practical/feasible?

2022-06-26 Thread Steve Dondley
I have a small client whose insurance company insists they have MFA for their email to be covered under some kind of data protection policy. Currently I have the client set up on a Debian box for the email server coupled with roundcube for webmail. Most the users just use roundcube but some