20 lines
1.2 KiB
Plaintext
20 lines
1.2 KiB
Plaintext
MBOX-Line: From tss at iki.fi Fri Jan 13 09:31:58 2012
|
|
To: imap-protocol@u.washington.edu
|
|
From: Timo Sirainen <tss@iki.fi>
|
|
Date: Fri Jun 8 12:34:47 2018
|
|
Subject: [Imap-protocol] which IMAP servers support support SASL
|
|
authorization vs. authentication ID?
|
|
In-Reply-To: <alpine.OSX.2.00.1201130725430.38441@hsinghsing.panda.com>
|
|
References: <alpine.OSX.2.00.1201130725430.38441@hsinghsing.panda.com>
|
|
Message-ID: <CC4ECE28-7BDF-47C9-BB29-4D8087AF87DF@iki.fi>
|
|
|
|
On 13.1.2012, at 17.44, Mark Crispin wrote:
|
|
|
|
> I have been tasked to identify which IMAP servers support the SASL concept
|
|
> of authorization vs. authentication ID and if it is suitable to allow
|
|
> impersonation; that is to proxy to various user accounts.
|
|
|
|
Yes, Dovecot supports as well. It can be configured to work pretty much any way you want.
|
|
|
|
Actually this week there was an interesting use case for it, kind of the reverse of what is normally done: Shared mailboxes are accessed via one shared user account, but each user logs in with their own authentication ID so they get different access to the mailboxes because they have different ACLs. (All of this is actually hidden from the user, they don't configure this in their clients.)
|