On 3/2/2010 2:30 PM, Daniel L. Miller wrote:
Victor Duchovni wrote:
On Tue, Mar 02, 2010 at 11:33:48AM -0800, Daniel L. Miller wrote:
192.168.0.110:126 inet n - - - - smtpd
-o smtpd_tls_security_level=may
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
connect with Thunderbird to this address & port set to TLS - works.
SSL does not.
Why do you expect SMTP after SSL to work on a port that supports SSL
after SMTP?
http://www.postfix.org/postconf.5.html#smtpd_tls_wrappermode
Ok - inferring from that, I tried:
192.168.0.110:128 inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
Now connecting from Thunderbird SSL works - TLS does not. Just
confirming - is this expected and proper behaviour?
Yes, that's expected. SSL wrappermode is incompatible with
standard SMTP or STARTTLS.
Typically wrappermode is specified only on port 465, which is
commonly referred to as the smtps port.
-- Noel Jones
