On Thursday, July 30, 2009 at 06:19 CEST,
Olivier Nicole <o...@cs.ait.ac.th> wrote:
> I am using dovecot with postfix for authentication.
>
> Everything (TLS/SSL, authentication) is working fine, except I cannot
> find a way to force STARTLS before authentication:
>
> 20 mail2.cs.ait.ac.th ESMTP Postfix (2.6.2)
> EHLO [192.41.170.57]
> 250-mail2.cs.ait.ac.th
> 250-PIPELINING
> 250-SIZE 10240000
> 250-VRFY
> 250-ETRN
> 250-STARTTLS
> 250-AUTH PLAIN LOGIN
> 250-AUTH=PLAIN LOGIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> AUTH PLAIN XXXX
> 235 2.7.0 Authentication successful
>
> The reply I got from Dovecot mailing list is:
>
> > disable_plaintext_auth affects logging in to dovecot IMAP/POP3 server.
> > This is a SMTP session with Postfix, you'll have to configure Postfix
> > not to allow plain text authentication before STARTTLS.
>
> But I am doubtful because the authentication is dovecot job, so I
> don't see how the configuration could be in postfix.
If you use Dovecot for SMTP authentication both Postfix and Dovecot
configuration affects Postfix's behaviour.
http://www.postfix.org/postconf.5.html#smtpd_tls_auth_only
--
Magnus Bäck
mag...@dsek.lth.se
