Hi, > Am 18.08.2019 um 16:52 schrieb Stephan Bosch via dovecot > <[email protected]>: > > > >>> On 18/08/2019 10:09, Christian Rößner via dovecot wrote: >> Hi, >> is there some configuration parameter in Dovecot, which sends a TLS client >> certificate to the SMTP server? I would need this to have XCLIENT enabled >> and TLS with Postfix. This way I could permit sending based on the >> certificates fingerprint. > > Can you elaborate? Are you talking about the submission relay service or > submission of outgoing messages from e.g. Sieve?
The submission relay service. I like the idea of this service. Currently I did not activate the relay trust option, because I have no idea on how I could give permissions on the Postfix side. If Dovecot would send the certificate as reply to the smtpd_ask_ccert option, I could turn on XCLIENT in Dovecot and give permission based on the certificate fingerprint. At the moment I do STARTTLS from Dovecot to Postfix and have added Dovecot‘s IP to mynetworks in Postfix. But I would prefer XCLIENT. Thanks in advance Christian > > Regards, > > Stephan. > >> Thanks in advance >> Christian >> Von unterwegs aus gesendet >> -- >> Rößner-Network-Solutions >> Karl-Bröger-Str. 10, 36304 Alsfeld <x-apple-data-detectors://0/0> >> Fax: +49 6631 78823409 <tel:+49%206631%2078823409>, Mobil: +49 171 9905345 >> <tel:+49%20171%209905345> >> USt-IdNr.: DE225643613, https://roessner.website <https://roessner.website/> >> PGP Fingerprint: 8FB3 132F 85D8 C9C7 A9F1 9A3F 5183 D46C B885 897E
