Hi,

Just a small question: we currently use Postfix with SASL authentication, and following many docs, we have enabled PLAIN and LOGIN authentication.

However, googling leads me to believe that LOGIN is mostly used by Outlook Express, and that most (or all?) modern clients support the PLAIN mechanism.

I also noticed that most failed authentication attempts are done using LOGIN.

Now, assuming that most of these failed authentications are simply username/password guessing... how many problems should I expect if I simply offer only the PLAIN mechanism?

It's hard to find info on which clients use which auth type. So, are all/most modern clients (Thunderbird, Outlook 2010/2013) capable of doing PLAIN, so that I could simply disallow LOGIN?

MJ
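
Added example (not part of the original message): one way to measure the impact before removing LOGIN is to tally, from the server's own mail log, failed attempts per SASL mechanism and which users only ever authenticate successfully with LOGIN. The log lines are constructed samples in the format Postfix smtpd logs; the function names are illustrative.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in the format Postfix smtpd writes to the mail log.
SAMPLE_LOG = """\
Mar  3 09:14:02 mx postfix/smtpd[2101]: 4F1A220C3: client=pc1.example.net[192.0.2.10], sasl_method=PLAIN, sasl_username=alice
Mar  3 09:15:40 mx postfix/smtpd[2101]: 5A2B320C4: client=pc2.example.net[192.0.2.11], sasl_method=LOGIN, sasl_username=bob
Mar  3 09:20:11 mx postfix/submission/smtpd[2144]: 6C3D420C5: client=pc2.example.net[192.0.2.11], sasl_method=PLAIN, sasl_username=bob
Mar  3 09:31:07 mx postfix/smtpd[2101]: 7E4F520C6: client=pc3.example.net[192.0.2.12], sasl_method=LOGIN, sasl_username=carol
Mar  3 10:02:55 mx postfix/smtpd[2190]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: authentication failure
Mar  3 10:02:58 mx postfix/smtpd[2190]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: authentication failure
Mar  3 10:03:01 mx postfix/smtpd[2191]: warning: unknown[198.51.100.7]: SASL LOGIN authentication failed: authentication failure
Mar  3 10:40:19 mx postfix/smtpd[2203]: warning: pc1.example.net[192.0.2.10]: SASL PLAIN authentication failed: authentication failure
"""

# Successful login: "<queue-id>: client=host[ip], sasl_method=..., sasl_username=..."
OK_RE = re.compile(r"postfix/(?:\S+/)?smtpd\[\d+\]: \w+: client=\S+, "
                   r"sasl_method=(?P<mech>[\w-]+), sasl_username=(?P<user>[^\s,]+)")
# Failed login: "warning: host[ip]: SASL <MECH> authentication failed: ..."
FAIL_RE = re.compile(r"postfix/(?:\S+/)?smtpd\[\d+\]: warning: [^\s\[]+\[[^\]]+\]: "
                     r"SASL (?P<mech>[\w-]+) authentication failed")

def tally(lines):
    """Return (mechanism -> set of users who logged in, mechanism -> failed attempts)."""
    ok = defaultdict(set)
    failed = Counter()
    for line in lines:
        m = OK_RE.search(line)
        if m:
            ok[m["mech"].upper()].add(m["user"])
            continue
        m = FAIL_RE.search(line)
        if m:
            failed[m["mech"].upper()] += 1
    return ok, failed

def login_only_users(ok):
    """Users seen succeeding with LOGIN and with no other mechanism."""
    others = set().union(*(users for mech, users in ok.items() if mech != "LOGIN"))
    return ok.get("LOGIN", set()) - others

if __name__ == "__main__":
    ok, failed = tally(SAMPLE_LOG.splitlines())
    print("failed attempts per mechanism:", dict(failed))
    print("users who would need a client change:", sorted(login_only_users(ok)))
```

Users reported as LOGIN-only have not been observed using PLAIN; their client may still support it, so the result marks accounts to check rather than accounts that will certainly break.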
