On 31.01.2014 01:41, Viktor Dukhovni wrote: > On Fri, Jan 31, 2014 at 12:54:01AM +0100, Johannes Bauer wrote: > >> What I would like to do and cannot figure out: How can I *force* >> authenticated clients to perform a STARTTLS before performing a "AUTH >> PLAIN"? > > If plaintext mechanisms are all you have: > > smtpd_tls_auth_only = yes > > This disables auth completely without TLS. It looks like you have > no other mechanisms available.
You're a genius! Thank you so much, this is exactly what I wanted. If we ever meet in person, be sure to claim your well-deserved beer :-) Best regards, Johannes
