Wietse:
> > You can find out about SASL active etc. attacks in RFC 4422
> > https://tools.ietf.org/html/rfc4422
>
Michael Fox:
> Thanks. Yes, that describes the attack categories. But it doesn't answer
> the above question. Is the categorization documented somewhere? If not,
> how are we to know?
This is standard terminology, and therefore not defined in either
Postfix or SASL RFC.
Active network attack: an attacker modifies the communication between
parties.
Mutual authentication: each party authenticates to the other party.
For more info I suggest a web search engine.
Wietse
