How to allow login to a SMTP server better than with password?

Question

I'm planning on creating a mail server, but I don't want to use passwords at all. They seem a wrong security choice to me.

I'd love to use a certificate to login. This seems easy to do in HTTP, but I found no way to do it in SMTP. Is there any way to do it?

If not, is there another option than passwords? OAuth, 2FA or anything else?

score 4 · Answer 1 · answered Dec 17 '15 at 07:15

4

Look into client certificate validation for the SMTP server of your choice. For example, in Postfix you can use TLS client certificates as an authentication method.

answered Dec 17 '15 at 07:15

Wesley

score 2 · Answer 2 · answered Dec 17 '15 at 07:23

2

kerberos (gssapi) or certificates are the options, I guess.

answered Dec 17 '15 at 07:23

natxo asenjo

2 Answers2