On 2/15/2010 4:30 PM, Rob Tanner wrote:
Hi,
I have TLS turned on on my server but since that server also accepts
incoming mail from the internet, I can’t require it’s use and so it is
certainly possible that some of our users using AUTH-SMTP are still
connecting unencrypted. Currently the only authentication mechanism we
are using is PLAIN and so I want to use CRAM or DIGEST MD5. All the
helps I can find on the web give instructions on building from source
but I’m running a RedHat Enterprise server and all the libraries are
already installed. The problem is that I can’t find any instructions on
how to configure to use mechanisms beyond PLAIN and if I specify
noplaintext in main.cf, Postfix just hangs.
Is anybody using any of the secure authentication mechanisms and would
you be willing to share your configuration with me?
Thanks,
Rob
The easy solution is set in main.cf
smtpd_tls_auth_only = yes
so that TLS is required before AUTH is offered.
-- Noel Jones
