Dear Luv participants,
What is the current recommended practice for IMAP and SMTP submission
authentication?
I have a small server running Dovecot and Postfix. I've found that
placing the IMAP TLS and SMTP submission ports behind a Wireguard tunnel
is useful, but it hasn't proven to be reliable with some mobile clients
(Apple iOS in particular, which I use for reasons not related to this
discussion).
Password authentication still seems to be the only widely supported
mechanism. Is there a better option? For Linux clients, there is also
Kerberos authentication, which works as intended, but I can't configure
that on the mobile devices without the necessary infrastructure.
Currently, the passwords are unique to Dovecot, stored as hashes in the
Dovecot configuration. The server doesn't allow password-based ssh
authentication anyway. Postfix uses Dovecot for SASL authentication.
Fail2ban is running. I know this isn't ideal.
_______________________________________________
luv-main mailing list -- [email protected]
To unsubscribe send an email to [email protected]
