294317Re: sasl on smtps: allowing plaintext
- Jul 16, 2013On Tue, 16 Jul 2013 18:10:27 -0500, /dev/rob0 <rob0@...> wrote:
> Sure, this works, but why is it a problem? Why not just enforce TLSMaybe I'm being paranoid, but because not all my relays support TLS I
> where it is needed?
> A Postfix which is using a relayhost is not going to connect to
> random Internet sites, and it is definitely not going to attempt to
> AUTH at any site not configured in $smtp_sasl_password_maps.
cannot be stricter than
smtp_tls_security_level = may
without also having separate transports (if I understand correctly).
So if I do not set noplaintext and someday one of the
usually-TLS-enabled relays doesn't offer TLS (config hickup...),
postfix will AUTH.
- << Previous post in topic Next post in topic >>