On Mon, 2010-08-30 at 13:04 -0400, Wietse Venema wrote: > Jean-Yves Avenard: > > smtpd_sasl_auth_enable = yes > > smtpd_sasl_authenticated_header = yes > > smtpd_sasl_security_options = noanonymous, noplaintext > > smtpd_sasl_tls_security_options = noanonymous > If this does not announce the SASL mechanisms that you expect, then > the missing mechanisms are not installed with the Cyrus SASL library.
No, as demonstrate previously in the thread: <quote> telnet localhost 25 shows: 250-AUTH LOGIN PLAIN CRAM-MD5 GSSAPI 250-STARTTLS </quote> - the issue is that Postfix advertises "LOGIN" and "PLAIN" regardless of the presence of "noplaintext" in smtpd_sasl_security_options <http://www.postfix.org/postconf.5.html#smtpd_sasl_security_options> Interesting there appears to be a "smtp_sasl_mechanism_filter" but I don't find anywhere a similar filter for clients (I always assumed that smtpd_sasl_*_security_options implied one).
