Jeroen Geilman wrote: > On 11/12/2010 10:36 AM, Per Jessen wrote: >> Jeroen Geilman wrote: >> >> >>> On 11/12/2010 09:05 AM, Per Jessen wrote: >>> >>>> I'm trying to setup an SMTP service on port 587, TLS required, >>>> authentication in plaintext allowed. >>>> >>>> What I can't understand is the following: >>>> >>>> with smtpd_tls_security_level=encrypt, the SMTP server does not >>>> offer any AUTH options. >>>> >>> Correct. >>> smtpd_tls_security_options=encrypt mandates encryption. >>> >>> No further communication will take place before TLS is established. >>> >>> >>>> With smtpd_tls_security_level=may, I get what I >>>> want: >>>> >>>> 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 >>>> >>>> >>> That only seems so to you. >>> You need encrypt if you want mandatory TLS. >>> >> Right, and TLS is setup correctly - what I don't quite understand is >> why >> my server isn't offering any AUTH options? I mean, it seems to me >> that it should? >> >> >> > > *No further communication will take place before TLS is established.* > Which part of this don't you understand ? >
Thanks, there's no need to be rude. I see now that TLS was not established, which is why no AUTH options were offered. TLS was not established as the client was unable to access the root CA revocation list. /Per Jessen, Zürich
