> Probably better is to only offer AUTH on submission port 587 with > required encryption, and not offer AUTH at all on port 25.
That is exactly what I want to do. If I uncomment this in the master.cf does it force TLS encryption on port 587 before authentication? If not, how would I do that? submission inet n - - - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING Further, how do I not allow AUTH on port 25. I can't glean it from the docs. Thank you, Dave
