Hello,
I have an email client (K-9 on Android), which, when using TLS client
certificates insists on sending an auth external. However, postfix/SASL
does not advertise external auth, which causes the client to not being
able to use client certificates with postfix.
As I see it, postfix is missing the external mechanism as specified in
RFC 2222 (SASL) completely. Thus, I have implemented this feature (for
TLS CA client certs) and I am currently successfully running this on a
local installation using cyrus sasl.
I would be willing to provide a patch and would really like to see this
integrated in future versions of postfix.
I hope this is the right postfix mailing list for this request.
Bastian