Hi Patrick, I was going through link http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailclients.html
" It appears that clients try authentication methods in the order as advertised by the server (e.g., PLAIN ANONYMOUS CRAM-MD5) which means that if you disable plaintext passwords, clients will log in anonymously, even when they should be able to use CRAM-MD5. So, if you disable PLAIN logins, disable ANONYMOUS logins too. Postfix treats ANONYMOUS login as no authentication " I was a bit confused here in the sense it mentions if plaintext is disabled client will login anonymously. What role does smtpd_sasl_security_options = noanonymous play here ? Thanks in advance On Thu, Aug 14, 2008 at 8:29 PM, Jorey Bump <[EMAIL PROTECTED]> wrote: > Patrick Ben Koetter wrote, at 08/14/2008 08:22 AM: > > The order in which mechanisms are listed in $mech_list or in which they >> are >> announced as SMTP capability is irrelevant. The client chooses the "best" >> mechanism by it's own logic. >> > > Note that this has become a blessing from a support point of view, because > modern clients will rarely send passwords in the clear if a better mechanism > is available. Many users are stabbing in the dark and stop at the first > configuration that works, so this approach offers a little more protection. > >
