On Sat, Aug 24, 2013 at 10:01:08AM -0400, David Hulsebus wrote:
Noel:
> > Probably better is to only offer AUTH on submission port 587
> > with required encryption, and not offer AUTH at all on port 25.
>
> That is exactly what I want to do. If I uncomment this in the
> master.cf does it force T
David Hulsebus:
> > Probably better is to only offer AUTH on submission port 587 with
> > required encryption, and not offer AUTH at all on port 25.
>
> That is exactly what I want to do. If I uncomment this in the master.cf does
> it force TLS encryption on port 587 before authentication? If not
> Probably better is to only offer AUTH on submission port 587 with
> required encryption, and not offer AUTH at all on port 25.
That is exactly what I want to do. If I uncomment this in the master.cf does
it force TLS encryption on port 587 before authentication? If not, how would
I do that?
su
On 8/23/2013 9:35 PM, David Hulsebus wrote:
>
> When I added "noplaintext" as a security option and because MD5 was in the
> mech list SASL complained about no auth mechanism when it started. MD5 was
> already in the mech list but never failed because auth never reached it in
> the past, plain too
On 08/24/2013 04:35 AM, David Hulsebus wrote:
Why shouldn't I require TLS to encrypt all sessions for any clients who
authenticates to send mail out. Isn't that what following parameter
accomplishes ?
smtpd_tls_security_level = encrypt
The manual says "Encrypt - MUST NOT be applied in case of a
When I added "noplaintext" as a security option and because MD5 was in the
mech list SASL complained about no auth mechanism when it started. MD5 was
already in the mech list but never failed because auth never reached it in
the past, plain took precedence.
I removed "noplaintext" and removed eve
