On Wed, May 22, 2024 at 11:27:15PM -0500, Scott Techlist via Postfix-users
wrote:
> >All of these entries are using the LOGIN mech. Unless you have an
> >extremely old outlook express MUA (or similar) you xan and should be
> >using the PLAIN mech. You can eliminate all of the above attacks by
> >removing LOGIN from the list of mechs you accept.
>
> Peter:
>
> I too see a lot of these so I went to try your solution. I edited
> /etc/sasl2/smtpd.conf
> It now contains:
>
> pwcheck_method: saslauthd
> #mech_list: plain login
> mech_list: plain
That's for *Cyrus* SASL, but since you mention "dovecot", perhaps you're
using "dovecot" SASL, check your "smtpd_sasl_type" parameter setting.
Dovecot has its own mechanism list, while Postfix has a mechanism list
filter. You should be able to set:
smtp_sasl_mechanism_filter = plain
or, in dovecot.conf, set:
auth_mechanisms = plain
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
