Hi Paul, Care to share your config (even OFFLIST) that has successfully integrated Dovecot Submission service with Exim??
I use Exim+Dovecot (Exim4U) and wouldn't mind exploring this. Thanks in advance. On 6 April 2018 at 19:15, Paul Hecker <p...@iwascoding.com> wrote: > Hi, > > Thanks you very much. This did the trick! > > > On 6. Apr 2018, at 15:56, Stephan Bosch <step...@rename-it.nl> wrote: > > > > > > > > Op 6-4-2018 om 13:52 schreef Paul Hecker: > >> Hi, > >> > >> Dovecot 2.3.1 (8e2f634). Could not get Dovecot to forward the (plain) > authentication to the SMTP server using submission. Reason why I need it is > sender spoofing (do not want my employees to send messages in behalf of me). > >> > >> In exim I can disable sender spoofing with the authenticated user. When > sending through dovecot, exim either does not accept the email (need auth) > or relay every sender address (because relaying from localhost). > >> > >> Am I missing a setting or do I need any additional field in the (MySQL) > user_query/password_query to forward the password? > >> > >> You can find my config here: > >> > >> https://gist.github.com/lluuaapp/7daddf761131da47237b0f45e6bab5a8 > > > > That would be possible using the following SMTP AUTH feature: > > > > https://tools.ietf.org/html/rfc4954#section-5 > > > > Which is apparently supported by Exim: https://www.exim.org/exim- > html-current/doc/html/spec_html/ch-smtp_authentication. > html#SECTauthparamail > > This requires explicit configuration, so it will not work out of the box. > > Here is what I did: > > I had to add the acl_smtp_mailauth to only allow this on a certain port. > Then I had to duplicate my code for sender spoofing for authenticated users > and change the $authenticated_id -> $authenticated_sender. > > Besides that, I must use TLS (in my case STARTTLS) so that Dovecot > actually sends the MAIL AUTH parameter. > > > > > The Dovecot Submission service should support this too. It sends an AUTH > parameter with the MAIL command (currently only then the username is a > valid SMTP address). However, I must say, I haven't tested this recently. > > I can confirm that it works (only with TLS with my current configuration, > see above). > > > > > I can try this in a few days. Feel free to experiment with this yourself. > > > > Regards, > > > > Stephan. > > Thanks again, > Paul > > -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
