Hello, thank you for writing OpenSMTPD, it's working great!
Is it possible to somehow get a username from a client certificate? This would allow for user specific auth based on a certificate, instead of providing a username via standard SMTP auth. The use case I am thinking of would be using a "listen" line with "tls-require verify", but without "auth", to relay mail from connections that provided valid client certificates. The problem is that without "auth" there is no username, so it's not possible to make use of "senders <sender_map>" to restrict submission to only select client certificates. Maybe something like "tls-require verify username-from CN" could be a possible extension to be able to use (or override) the username and select the cert's field the username is to be picked from. Some other have this, e.g. dovecot's auth_ssl_username_from_cert, for example. Or am I missing something and this is already possible somehow? Thank you