Le 14/03/2015 09:15, Viktor Dukhovni a écrit :
On Fri, Mar 13, 2015 at 06:13:56PM +0100, Emmanuel Fust? wrote:
Ok, what do you think about this one ?
I added XSASL_AUTH_TEMP in case of crashed / stopped dovecot auth server
too.
Looks fine to me.
What SMTP client is it by the way that treats a 535 in response to
AUTH as a reason to bounce the message, and would retry with a 4XX?
Postfix these days defers mail when authentication fails whether
the error is 4XX or 5XX.
http://www.postfix.org/postconf.5.html#smtp_sasl_auth_soft_bounce
The patch may be "more correct", but if MTAs generally understand
that SASL failure is "always" transient (either the client is
misconfigured and should not be using SASL, or authentication is
requirement and the details are misconfigured) then the patch is
perhaps unnecessary.
This is only a safety measure as now upstream servers use postfix even
if they are out of my control.
But later I will have to cope with more exotics ones like a lot of
different Exchange versions, and other unknown MTA.
So all correct and cheap safety guards are not superfluous in this case.
Thank you for your support.
Emmanuel.
