Loading ...
Sorry, an error occurred while loading the content.

292080Re: SMTP authentication

Expand Messages
  • Viktor Dukhovni
    Mar 19, 2013
    • 0 Attachment
      On Tue, Mar 19, 2013 at 06:47:42PM +0100, Matteo Marescotti wrote:

      > Il 19/03/2013 17:41, Viktor Dukhovni wrote:
      > >On Tue, Mar 19, 2013 at 02:18:51PM +0000, Matteo Marescotti wrote:
      > >
      > >>submission inet n - - - - smtpd
      > >> -o smtpd_tls_security_level=encrypt
      > >> -o smtpd_sasl_auth_enable=yes
      > >> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      > >> -o milter_macro_daemon_name=ORIGINATING
      > >>...
      > >
      > >With "smtpd_tls_security_level=encrypt" only EHLO, NOOP and QUIT
      > >are allowed before STARTTLS. The other commands will be rejected,
      > >but of course we can't prevent the client from sending them.

      > I said Postfix accepts the MAIL FROM command before user
      > authentication, not before STARTTLS.

      Sorry, I misread your post, I am too focused on TLS lately, yes
      rejection of transactions is deliberately delayed to RCPT TO, this
      makes it possible to later figure out what was being rejected.
      A good MTA produces a good audit trail.

      --
      Viktor.
    • Show all 14 messages in this topic