Yes, you would need to use the dovecot submission server for this:
https://doc.dovecot.org/admin_manual/submission_server/
Most people, however, use their MTA's submission server but use dovecot
for the authentication backend:
https://doc.dovecot.org/configuration_manual/howto/simple_virtual_install/#simple-virtual-install-smtp-auth
Peter
On 19/04/24 13:27, karl.l--- via dovecot wrote:
Hi,
This is my dovecot version:
```
root@freebsdsvr:~ # dovecot --version
2.3.21 (47349e2482)
```
I'm having trouble in making dovecot as proxy to the mail server when using
ntlm authentication.
My setup looks like this: email client ------> dovecot (will act as proxy)
-------> mail server
so basically the email client will connect to dovecot but dovecot will forward
it to the mail server.
Proxying using auth_mechanism as PLAIN is working but if I use ntlm
authentication it just connects into the dovecot server and dovecot server does
not proxy to to the mail server.
I tried using passdb driver = sql, passdb driver = static, passdb driver = lua
and all of them are working when the email client connects using plain auth,
once dovecot authenticates the user it will proxy it to the mail server but
when I use ntlm authentication it just connects to dovecot and does not do a
proxy to the mail server.
You seem to be confusing IMAP with submission. The IMAP protocol is
good for fetching mail and as a general interface to the mail storage
(or mailbox). IMAP is not used for submitting new mail (except usually
for storing a copy in the user's "Sent" folder).
Mail submission is done via the "submission" or (the implicit TLS
version) "submissions" protocols. This is usually a function of your
MTA (e.g. Postfix, exim, Sendmail, etc but generally not Dovecot). So
any attempt to submit mail to the IMAP port is flawed.
All that said, Dovecot does come with a submission server that can
"proxy" mail through to the submission service on your MTA. This can be
used in the way you describe (but again it's not IMAP):
https://doc.dovecot.org/admin_manual/submission_server/
Most people, however, use their MTA's submission server but use dovecot
for the authentication backend. This means that just the authentication
credentials are passed through from your MTA to Dovecot and Dovecot
answers with a yes/no to the MTA on whether it should allow the
submission to proceed. In this case Dovecot is still doing the
authentication but no proxy is needed for the actual submission:
https://doc.dovecot.org/configuration_manual/howto/simple_virtual_install/#simple-virtual-install-smtp-auth
The latter solution is my recommendation unless you have a specific need
for using the Dovecot submission server (e.g. BURL support).
Peter
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
