Jeff Wiegley said on Mon, Sep 29, 2003 at 06:08:35AM +0000: > What is the easiest method (preferrably one that doesn't require sasl) > to get AUTH setup so that: > 1) non-STARTTLS connections do NOT offer PLAIN or LOGIN, and > 2) STARTTLS connections do honor PLAIN or LOGIN? > > I'm 100% against sasl in general just for the simple fact that the > developers have chosen to store passwords and user credentials in > PLAINTEXT in a file on the filesystem. (add to that the need to > maintain and synchronize two different databases or username/password > information.)
Uh, SMTP AUTH is based on SASL (SASL is a protocol and a library). So, you need sasl to do what you want. http://www.technoids.org/wwstarttls.html appears to have the info you want, specifically: dnl # Offer SMTP AUTH only after encryption (STARTTLS) has been negotiated define(`confAUTH_OPTIONS',`p,y')dnl M
pgpaLAdK2ke9i.pgp
Description: PGP signature
