Stephen Holmes wrote, at 10/03/2008 11:44 AM: > Hi PostFixers, > > I'm now running postfix/dovecot/mysql in SUSE Linux Enterprise 10 SP2 > and I wanted to secure the SMTP connections. I've tried to follow one > or more tutorials, but so far to no avail. The server is up and running > and Thunderbird seems to use SMTP over TLS but when I issue a telnet > localhost 25 I get... > > 220 mail.gallopinggreen.com NO UCE ESMTP > EHLO localhost > 250-mail.gallopinggreen.com > 250-PIPELINING > 250-SIZE 10240000 > 250-VRFY > 250-ETRN > 250-STARTTLS > 250-ENHANCEDSTATUSCODES > 250-8BITMIME > 250 DSN > > I can see the STARTTLS, but not the AUTH statements. My postconf output > is..
> smtpd_tls_auth_only = yes You've wisely configured postfix to offer AUTH only via STARTTLS, so it won't appear until the session is renegotiated and encrypted. telnet is not up to troubleshooting this task. You've confirmed with a client that it works, but you can also use openssl: openssl s_client -starttls smtp -debug -connect localhost:25
