On 06/20/2013 11:19 AM, Mohsen Pahlevanzadeh wrote:
Dear all,
when i use
telnet 0 587, i get the following result:
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
220 mail.pahlevanzadeh.info ESMTP Postfix
AND WHEN I USE EHLO COMMAND, I GET THE FOLLOWING RESULT:
ehlo localhost
250-mail.pahlevanzadeh.infousing
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
But i don't see two following lines in above:
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
That could mean one of three things: either you have not enabled SASL on
port 587, or you have set "smtpd_tls_auth_only = yes" on port 587, which
prevents AUTH before TLS, or you have enforced TLS, which has the same
effect.
From main.cf:
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = inet:localhost:1023
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = no
From your master.cf entry for submission:
submission inet n - - - - smtpd
-o smtpd_tls_security_level=encrypt
It's reason #3: you enforce TLS on submission.
I attached my main.cf and my master.cf,
i have a newbie question: if i get good result, should i run dovecot?
Dovecot serves several functions, two or three of which can be
integrated with postfix.
If you're using dovecot as your SASL provider, you're already running it.
second question: how i can see the two lines in the smtp result?
You do not want to see those two lines before TLS.
You can test an encrypted connection using the openssl s_client
subcommand; you should see the AUTH entries after you have completed
STARTTLS.
--
J.
