On 17/05/23 00:14, mailmary--- via Postfix-users wrote:
I am talking about the authentication email, not MAIL FROM or RCPT TO.
There is no "authentication email". There is a login username which can be just about anything and in your case likely just happens to match the user's email address.
hmm, when using the -v parameter, just above the "SASL LOGIN authentication failed: UGFzc3dvcmQ6" log entry, I can clearly see the email/password
What you are seeing is the direct SASL data being passed between the MUA and Dovecot server via Postfix. Postfix is not actually aware of what this content is, it just blindly passes it back and forth.
thus postfix knows the email address being authenticated BEFORE the error message
No it does not (see above).
so why not report the email, instead of a base64 string?
Postfix doesn't actually know what the login username is until after the login completes and is reported back to Postfix by the Dovecot server.
Peter _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
