One possible solution could be defining a dedicated smtpd instance listening on 127.0.0.1:587 (or another local ip?) with a specific option that allows clear text password exchange.
we could think for this later, I would like to start a P.O.C with a table with user account (address email with also pseudonym). We could have workable remote smtp, webtop5 and roundcubemail
Sorry it took a while, this is not my territory of expertise.
found this which en-lighted me:
I tend to agree with this, although i see the problem it’s hard to implement without breaking clients by closing one of the default smtp-ports (ie 25, 465, 587) with the firewall.
What about an extra custom port for postfix (ie 4465 ??) with localhost access restriction for PLAIN text login / auth ?
I not sure if another smtpd is a needed; just an extra listing port. Set the global setting to may (smtpd_tls_security_level=may) but enforce it on the default ports. restrict acces to the customport to 127.0.0.0/8 but do not enforce tls.
I installed the PR RPM and I come with some questions
what is the expected behavior of a shared mailbox? If I can read (and modify?) a shared mailbox content, should I be allowed to send a message with its email address? For instance
user: first.user, member of grp1
shared mailbox: shmbx1, shared with grp1, email alias shared1@aliasdom.example.com
what is the expected behavior of an alias address with multiple recipients? Should be the recipients allowed to send a message with the alias? For instance
given email alias address sales@example.com expanded to first.user@example.com, second.user@example.com,
can second.user set sales@example.com as message sender?
alias of an email : steph@domain.com (first email) can send with steph@domain.org if we set this email as its alias, or any domain of the server if the alias exists for each domain.
alias for group of people
lets set group@domain.com (or group@) of three users, user1 user2 user3 for one domain or each domain of the server. Each member of this group can send with its email and the identity group@domain.com, group@domain.org (if domain.org exists on the server).
Obviously when the sender identity is enabled, you cannot anymore use an identity which is not relevant of /etc/postfix/login_maps and /etc/postfix/login_maps.pcre
For the sharedmailbox, I thought first that it is to receive email, and I did nothing, I probably missed to make a logic to exclude them of /etc/postfix/login_maps, even if it should not hurt.
To @all, do you see some missing feature for you, @saitobenkei what do you need more ?