Loading ...
Sorry, an error occurred while loading the content.

292083Re: SMTP authentication

Expand Messages
  • Matteo Marescotti
    Mar 19, 2013
      Il 19/03/2013 19:30, Viktor Dukhovni ha scritto:
      > On Tue, Mar 19, 2013 at 06:47:42PM +0100, Matteo Marescotti wrote:
      >> Il 19/03/2013 17:41, Viktor Dukhovni wrote:
      >>> On Tue, Mar 19, 2013 at 02:18:51PM +0000, Matteo Marescotti wrote:
      >>>> submission inet n - - - - smtpd
      >>>> -o smtpd_tls_security_level=encrypt
      >>>> -o smtpd_sasl_auth_enable=yes
      >>>> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      >>>> -o milter_macro_daemon_name=ORIGINATING
      >>>> ...
      >>> With "smtpd_tls_security_level=encrypt" only EHLO, NOOP and QUIT
      >>> are allowed before STARTTLS. The other commands will be rejected,
      >>> but of course we can't prevent the client from sending them.
      >> I said Postfix accepts the MAIL FROM command before user
      >> authentication, not before STARTTLS.
      > Sorry, I misread your post, I am too focused on TLS lately, yes
      > rejection of transactions is deliberately delayed to RCPT TO, this
      > makes it possible to later figure out what was being rejected.
      > A good MTA produces a good audit trail.
      I was sure there was a very good reason for that. Thank you very much to
      everybody. I learned something I could not figure out by myself.

    • Show all 14 messages in this topic