Hello all, I’m looking for functionality of ‘accounts’, like one account (tenant/domain) can have their smtp credentials & api credentials. Is that possible? Many thanks!
Hey there @dapper-yeti, thanks for posting. Please read the “Troubleshooting” and “How to Ask for Help” buttons below. If you would like a 1:1 support session from the KumoMTA team, details are at the “Book a Support Session” button below.
Yes you can, see Checking Inbound SMTP Authentication - KumoMTA Docs
Sorry, I didn’t receive notification about your answer! So two follow up questions - looks like it works as expected for smtp authorization with LOGIN Auth protocol, but looks like if I set ‘None’ it still can be used to send without any username/password provided. How I can make username/password always required?
And the second one, how I can require api key for the http api access?
Thank you very much!
To require auth, you can check for it yourself:
- Implement the smtp_server_mail_from - KumoMTA Docs event handler
- and check that
authz_idis set in the connection metadata object: connectionmeta - KumoMTA Docs
For the HTTP API, we do not currently support a stable interface for token based auth, but we do offer an event handler for HTTP basic auth: http_server_validate_auth_basic - KumoMTA Docs
Marking this as RESOLVED