* Eero Volotinen <eero.voloti...@iki.fi>: > > >One thing I note is that "telnet mail.simonandkate.net 587" does > >not return AUTH in the list offered: > > > >220 mail.simonandkate.net ESMTP Postfix > >EHLO simon.whatever > >250-mail.simonandkate.net > >250-PIPELINING > >250-SIZE 26214400 > >250-ETRN > >250-STARTTLS > >250-ENHANCEDSTATUSCODES > >250-8BITMIME > >250 DSN > > > >So it would appear that SASL is *not* setup right... but why do I > >get log entries saying the iPhone is sending email as > >sasl_method=PLAIN, sasl_username=simon? > > > >So can anyone tell me what I have done wrong? Why does SASL appear > >to be (possibly) working for PLAIN (iPhone) but not for the Nokia > >(CRAM-MD5), and why is the server not advertising the AUTH > >methods? > >smtpd_tls_auth_only = yes > > Because of: > > smtpd_tls_auth_only (default: no) > When TLS encryption is optional in the Postfix SMTP server, do not > announce or accept SASL authentication over unencrypted connections. > > This feature is available in Postfix 2.2 and later. > > you need to use openssl s_client -connect mailserver:port to get the > auth advertising, so pure telnet is not encrypted connection. > > Make sure that nokia is really using encryption (tls)
This is wrong. The log shows the mobile is using TLS. The SASL part fails. See my other post why it fails. p...@rick > > -- > Eero -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
