* Andre Klärner <kan...@ak-online.be>: > Hi Patrick, > > On Thu, Aug 16, 2012 at 09:10:18PM +0200, Patrick Ben Koetter wrote: > > * martin f krafft <madd...@madduck.net>: > > > also sprach Patrick Ben Koetter <p...@state-of-mind.de> [2012.08.16.2044 > > > +0200]: > > > > Putting passwords in configs isn't something I like, so > > > > I pull them from the Gnome keyring: > > > > > > Not a bad idea, but now an attacker with access to the filesystem > > > doesn't have to run 'cat ~/.muttrc' but 'gnome-keyring-query get mutt' > > > instead. > > > > If mutt can use a TLS client certificate, you can use that to auth against > > Dovecot. > > Do you have a running setup that can use password and cert for one user? > (e.g. via password for the webmail, and certificate for the MUA).
I have to apologize! Postfix can do that for sender, and looking at dovecots SSL params I assumed it can do that too, but reading through the docs <http://wiki2.dovecot.org/PasswordDatabase> it seems I was wrong. But IF we really wanted that Timo would probably implement it. I'd contribute € 250.-. p@rick -- Postfix - Einrichtung, Betrieb und Wartung <http://www.postfix-buch.com> saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
smime.p7s
Description: S/MIME cryptographic signature