Le 18/06/2011 07:44, Jayanta Ghosh a écrit :
> Dear List,
>
> Our problem has been solved by doing the following :-
> a. The package cyrus-sasl-ntlm-2.1.22-4 was installed in our server. As a
> result
> of which NTLM authentication was enabled in our server.
> You can test this by executing telnet IP ADD of server 25. You will be able
> to
> see the following lines upon giving EHLO
> 250-AUTH CRAM-MD5 PLAIN LOGIN NTLM GSSAPI DIGEST-MD5
> 250-AUTH=CRAM-MD5 PLAIN LOGIN NTLM GSSAPI DIGEST-MD5
>
> b. To disable NTLM auth we have added one line "mech_list: PLAIN LOGIN" in
> the
> file /usr/lib/sasl2/smtpd.conf.
> After this the above Auth mechanism will be changed to
> 250-AUTH LOGIN PLAIN
> 250-AUTH=LOGIN PLAIN
>
> After this just enable the setting "My outgoing Server (SMTP) requires
> authentication" and followed by the login credentials would enable you to
> send
> emails to the outside domain from
> Outlook 2010.
>
with clear text passwords (PLAIN and LOGIN), it is recommended to force
clients to use SSL/TLS. somewhere in "advanced configuration", specify
the (smtp) port as 587 and encryption type as "TLS". for this, you need
to enable and configure the "submission" service in master.cf.
- you can also use port 25, but 587 is recommended for mail submission.
(and has the advantage of not being blocked except may be by dumb ISPs)
- you can also use port 465 and enc type "SSL", after enabling and
configuring the "smtps" service. but STARTLS is the standard way.
For more details, read the fine docs:
http://www.postfix.org/SASL_README.html
http://www.postfix.org/TLS_README.html
