search

mailcow / mailcow-dockerized

mailcow: dockerized - 🐮 + 🐋 = 💕
https://mailcow.email
GNU General Public License v3.0
8.31k stars 1.13k forks source link

mailcow:postfix should support xoauth2 for forwarding to smtp-replay.gmail.com #4509

Open takuya opened 2 years ago

takuya commented 2 years ago

Summary

xoauth2 for admin routing transports

mailcow admin transports map dose not support xoauth2 , only support id/pw auth.

But now, MS/ Google smtp servers recommend to use oauth or app pass word. OAuth2 is not only for Google API, but also used in smtp/imap. SMTP Auth by OAuth can be used in 250-AUTH xoauth2 .

Motivation

google discontinued password auth

https://support.google.com/accounts/answer/6010255?hl=en

Transporting from mailcow to smtp-relay.google.com:587 will be stopped.

I found xoauth for debian/ubuntu

xoauth sasl supports are found in ppa:sasl-xoauth2 . This will make easy to support xoauth2 for our mailcow.

Additional context

I tested ppa xoauth in docker-postfix, That works fine.

If change a mailcow postfix dockerfile , it will work anyway . but still neede to fix php code in mailcow admin setting, or dockerfile change in mailcow:postfix main.cf to enable sasl.

sample xoauth2 for postfix

https://github.com/takuya/postfix-gmail-smtp-for-oauth

KGBist2000 commented 1 month ago

Google will deactivate user+pw authetication in some weeks: https://support.google.com/a/answer/14114704?hl=en

is here any solution planed to user the google-workspace as smtp relay ?