RFE: OAuth and local SMTP (port 25, no SSL/TSL) without authentication

[sphakka]

I've been using for years Roundcube with a local Postfix instance on port 25 to send e-mails without authentication. However, with OAuth this no longer works because RC enforces XOAUTH2 auth type plus credentials: indeed, (at least with Postfix 3.7.6 on Debian 12) during the SMTP handshake, no ''250-AUTH" is offered at all, thus the client (Roundcube) bails out. I guess that's correct SMTP behavior before the client issues a STARTTLS, which won't happen because Roundcube is configured with smtp_host = 'localhost:25'.

Thus, I wonder if it could be OK to further extend RC's rcmail_oauth::smtp_connect() to skip authentication when explicitly requested, e.g., with smtp_auth_type = 'NONE', while possibly checking that we're on port 25 and no SSL/TLS was configured for SMTP.

What do you think?

P.S. OAuth + SMTP submission on tls://localhost:587 works as expected.

[alecpl]

I suppose it should be enough to skip code in rcmail_oauth::smtp_connect() if smtp_user='' and smtp_pass=''.

[sphakka]

I suppose it should be enough to skip code in rcmail_oauth::smtp_connect() if smtp_user='' and smtp_pass=''.

Thanks, I'll give it a try.

[alecpl]

Implemented.