Loading ...
Sorry, an error occurred while loading the content.

293834Re: STARTTLS not announced?!

Expand Messages
  • Jeroen Geilman
    Jun 15, 2013
      On 06/15/2013 12:13 PM, Benny Pedersen wrote:
      > Jan Kohnert skrev den 2013-06-15 10:57:
      >
      >> http://www.postfix.org/postconf.5.html#smtpd_tls_auth_only
      >
      > do i need to tell it in --verbose ?
      >
      > starttls have nothing to do with auth, just becurse this option have
      > tls and auth in one line does not make tls/ssl needed to make auth work
      >

      Quoted from the above documentation:

      smtpd_tls_auth_only (default: no)
      "When TLS encryption is optional in the Postfix SMTP server, do
      not announce or accept SASL authentication over unencrypted connections. "

      In other words, yes, setting this option in conjunction with
      "smtpd_tls_security_level = may" *requires* TLS in order to AUTH.

      smtpd_tls_security_level = encrypt means the server will *reject* any
      commands that are not STARTTLS, until a TLS connection has been established.

      This includes AUTH.

      --
      J.
    • Show all 20 messages in this topic