On 10/31/2010 01:20 PM, Janos Dohanics wrote:
In master.cf I have enabled port 587:
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o
smtpd_client_restrictions=permit_sasl_authenticated,permit_mynetworks,reject
However, when I telnet, AUTH does not seem to be offered:
# telnet mail.example.com 587
Trying xxx.xxx.xxx.xxx...
Connected to mail.example.com.
Escape character is '^]'.
220 mail.example.com ESMTP Postfix
ehlo me
250-mail.example.com
250-PIPELINING
250-SIZE 49152000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
^]
Still, when I submit mail with Thunderbird, it asks for
username/password, and if correct, the message is accepted.
You are enforcing TLS.
Nothing will be communicated until TLS is established, including
authentication information.
From the TLS_README:
When TLS layer encryption is required ("smtpd_tls_security_level
<http://www.postfix.org/postconf.5.html#smtpd_tls_security_level> =
encrypt" or the obsolete "smtpd_enforce_tls
<http://www.postfix.org/postconf.5.html#smtpd_enforce_tls> = yes"),
/*the Postfix SMTP server will announce and accept AUTH only after the
TLS layer has been activated*/ with STARTTLS.
--
J.
