Greetings,

I'm a newbie at the mail w/ authentication thing.
So tell me what to read, since what I need is how to find answers and
not just the answers.  But I've been searching the web and
I'm getting close, but no exact matches.

postfix-2.3.3
cyrus-sasl-*-2.1.22
saslauthd is running.
This is just a test box; production isn't affected.

I __don't__ have an imap server on the machine.  I don't want
one unless I have to have it.  I don't have to have imap, right?

When user aaa sends to bbb, bbb's headers show it was encrypted
but aaa wasn't prompted for a password.  aaa is using mutt, the
.muttrc doesn't contain the password.  (TLS is working, auth isn't
AFAICT.)

I may not know what I'm doing w/ mutt.  Namely, how do I
tell mutt that I want to send authenticated email?  Or is mutt
not involved in that?

telnet EHLO response:
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 LOGIN PLAIN CRAM-MD5 GSSAPI NTLM
250-AUTH=DIGEST-MD5 LOGIN PLAIN CRAM-MD5 GSSAPI NTLM
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN


I'm attaching postconf -n.  Is there brain fade in here?

broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mydomain = fqdn.replaced.by.paranoid
myhostname = sml.fqdn.replaced.by.paranoid
mynetworks = 10.3.0.0/16
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_sasl_password_maps = hash:/etc/sasldb2
smtp_sasl_type = cyrus
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_loglevel = 1
smtp_tls_security_level = encrypt
smtp_tls_session_cache_database = btree:/var/postfix/smtp_tls_session_cache
smtpd_enforce_tls = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = cyrus
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/cacert.pem
smtpd_tls_key_file = /etc/postfix/nopass_cakey.pem
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/postfix/smtpd_tls_session_cache
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550

master.cf:
submission inet n       -       n       -       -       smtpd
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_sasl_security_options=noanonymous
  -o smtpd_sasl_local_domain=sml.fqdn.replaced.by.paranoid
  -o header_checks=
  -o body_checks=
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
  -o smtpd_sasl_security_options=noanonymous,noplaintext
  -o smtpd_sasl_tls_security_options=noanonymous
  -o smtpd_enforce_tls=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_tls_auth_only


I have a feeling this question is poorly formed.  Sorry.  Like I said,
I'm a newbie.

j.
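
An added example, not part of the original post: it parses the EHLO reply quoted above and walks the posted smtpd_recipient_restrictions value, to show which password-carrying SASL mechanisms are announced on the unencrypted telnet session and which rule decides for a client that has not authenticated. The function names and the first-match model are assumptions for illustration; the model covers only this one restriction list from main.cf, not the master.cf overrides.

```python
import re

# EHLO reply as quoted in the post (telnet session, before STARTTLS).
EHLO_REPLY = """\
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 LOGIN PLAIN CRAM-MD5 GSSAPI NTLM
250-AUTH=DIGEST-MD5 LOGIN PLAIN CRAM-MD5 GSSAPI NTLM
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
"""
# Value from the posted `postconf -n` output.
RECIPIENT_RESTRICTIONS = "permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination"

def parse_ehlo(reply):
    """Map each EHLO keyword to its parameters; the legacy 'AUTH=' form is folded into AUTH."""
    caps = {}
    for line in reply.splitlines():
        m = re.match(r"250[- ](.+)$", line.strip())
        if m:
            keyword, *params = re.sub(r"^AUTH=", "AUTH ", m.group(1)).split()
            seen = caps.setdefault(keyword.upper(), [])
            for p in params:
                if p not in seen:
                    seen.append(p)
    return caps

def password_mechs_offered(caps):
    """PLAIN and LOGIN carry the password itself, only base64-encoded."""
    return sorted({"PLAIN", "LOGIN"} & {m.upper() for m in caps.get("AUTH", [])})

def deciding_rule(restrictions, in_mynetworks, authenticated, relaying):
    """Simplified first-match walk over the restriction list (assumed model)."""
    for rule in filter(None, re.split(r"[,\s]+", restrictions)):
        if rule == "permit_mynetworks" and in_mynetworks:
            return rule
        if rule == "permit_sasl_authenticated" and authenticated:
            return rule
        if rule == "reject" or (rule == "reject_unauth_destination" and relaying):
            return rule
    return "default permit"

if __name__ == "__main__":
    print("password mechanisms offered before STARTTLS:", password_mechs_offered(parse_ehlo(EHLO_REPLY)))
    for inside in (True, False):
        print("in mynetworks:", inside, "->", deciding_rule(RECIPIENT_RESTRICTIONS, inside, False, True))
```

With the posted values, an unauthenticated client inside 10.3.0.0/16 is accepted by permit_mynetworks before permit_sasl_authenticated is consulted, and LOGIN and PLAIN are announced on the session before STARTTLS.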
