On 3/14/2012 4:50 PM, Patrick Ben Koetter wrote: > * Wietse Venema <postfix-users@postfix.org>: >> Patrick Ben Koetter: >>>>> That's not a problem for me. I don't use the submission service >>>>> and rely on input from the real world for this. >>>> >>>> Meaning, "may", combined with a setting that allows plaintext >>>> passwords only over encrypted connections. Not sure if that makes >>>> trouble shooting easier than when TLS is always required, though. >>> >>> It does. One can test CRAM-MD5 also in a telnet session. The SASL_README >>> refers to a script, gen-auth, that assists creating the necessary response. >> >> What about "openssl s_client" instead of telnet? > > To my knowledge s_client is not a fully featured SMTP client or telnet > replacement. It is fine to see output about the TLS session, but once I > proceed I usally get errors. > > p@rick >
AFAIK OpenSSL works OK for testing SMTP as long as you avoid sending/pressing the upper-case "R" character, which triggers TLS renegotiation (and an SMTP error). Issuing the SMTP commands in lower-case is the usual workaround. But if your hashed password contains an "R" you're out of luck. -- Noel Jones
