Jeroen Geilman skrev den 2013-06-15 15:35:
Quoted from the above documentation:
smtpd_tls_auth_only (default: no)
"When TLS encryption is optional in the Postfix SMTP server,
do not announce or accept SASL authentication over unencrypted
connections. "
it does not say it disables auth anywhere, it just says it would not be
possible to connect without starttls or not, starttls on its own have
nothing to do with auth or not
check your own logs how many clients use starttls without auth
just becurse it seldom seen in real life that no one will send auth
over an non tls/ssl does not mean it does not work
postfix have both auth and starttls, starttls is just for clients to
use ssl/tls on port 25, email clients will not use starttls in 2013,
since submission is the right thing anyway
In other words, yes, setting this option in conjunction with
"smtpd_tls_security_level = may" *requires* TLS in order to AUTH.
smtpd_tls_security_level = encrypt means the server will *reject* any
commands that are not STARTTLS, until a TLS connection has been
established.
This includes AUTH.
it still not needed to use ssl/tls to make auth work
--
senders that put my email into body content will deliver it to my own
trashcan, so if you like to get reply, dont do it
