Re: sasl on smtps: allowing plaintext
- On Wed, Jul 17, 2013 at 08:19:56AM +0200, Vincent Pelletier wrote:
> Maybe I'm being paranoid, but because not all my relays support TLS I
> cannot be stricter than
> smtp_tls_security_level = may
> without also having separate transports (if I understand correctly).
> So if I do not set noplaintext and someday one of the
> usually-TLS-enabled relays doesn't offer TLS (config hiccup...),
> postfix will AUTH.

The suggestion is I believe to use smtp_tls_policy_maps to ensure
that TLS is used for destinations where you will be using plaintext
authentication.

# MITM resistant authenticated TLS
[smtp.example.com]:587 secure match=smtp.example.com
# MITM vulnerable unauthenticated TLS
# Some day when provider adopts DNSSEC and publishes a suitable TLSA
# RRset and you've deployed Postfix 2.11
- On Wed, 17 Jul 2013 13:37:53 +0000, Viktor Dukhovni
<postfix-users@...> wrote:
> The suggestion is I believe to use smtp_tls_policy_maps to ensure
> that TLS is used for destinations where you will be using plaintext
> authentication.

Thanks, I think I understand now:
main.cf (or a few -o in master.cf's submission service):
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = must
smtp_tls_policy_maps = hash:blah

This is indeed closer to the mental picture I had of the solution
(host-based lookup), but I didn't notice the need for a laxist

I've the idea to someday move my postfix setup to a server also sending
& receiving mails for its own domain. Is it a bad idea (error-prone)
to mix both of those use cases on a single postfix, generally speaking?

If I understand correctly, a setup with both roles would need your
initial suggestion (which I set up successfully before noticing the
- On Wed, Jul 17, 2013 at 08:10:44PM +0200, Vincent Pelletier wrote:
> On Wed, 17 Jul 2013 13:37:53 +0000, Viktor Dukhovni
> <postfix-users@...> wrote:
> > The suggestion is I believe to use smtp_tls_policy_maps to ensure
> > that TLS is used for destinations where you will be using plaintext
> > authentication.
>
> Thanks, I think I understand now:
> main.cf (or a few -o in master.cf's submission service):
> smtp_sasl_security_options = noanonymous
> smtp_tls_security_level = must

"must" is not a valid value for "smtp_tls_security_level", see the
documentation for details.

> smtp_tls_policy_maps = hash:blah
> [127.0.0.1] none

Either a secure default and insecure exceptions, or the converse.
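The two layouts Viktor describes (a lax main.cf default with "secure" exceptions in smtp_tls_policy_maps, or a strict default with "none" exceptions such as the loopback hop) fail in different ways when a relay with credentials is left out of the map. The following Python audit, an added example that is neither from this thread nor from Postfix, takes the default smtp_tls_security_level together with the text sources of smtp_tls_policy_maps and smtp_sasl_password_maps and lists every destination that holds SASL credentials but whose effective TLS level still tolerates a cleartext session. The hostnames, map contents and passwords are constructed placeholders; the code assumes exact key lookups (no parent-domain fallback) and reads the map sources as plain text rather than through postmap.

```python
"""Audit a Postfix SMTP client's TLS policy against its SASL password map.

Added example, not code from the thread or from Postfix. Given main.cf's
default smtp_tls_security_level plus the text sources of
smtp_tls_policy_maps and smtp_sasl_password_maps (all constructed inline
below), it lists every destination for which credentials exist but the
effective TLS level still tolerates a plaintext session ("none" or "may").
Assumptions: exact key lookups (no parent-domain fallback), and map sources
read as plain "key value" text rather than through postmap.
"""

# Client TLS security levels accepted by Postfix (smtp_tls_security_level).
VALID_LEVELS = {"none", "may", "encrypt", "dane", "dane-only",
                "fingerprint", "verify", "secure"}

# Levels under which Postfix proceeds in cleartext if TLS is not offered.
PLAINTEXT_TOLERANT = {"none", "may"}


def parse_map(text):
    """Parse a lookup-table source: one 'key value...' per line, '#' comments
    and blank lines ignored. The value keeps trailing attributes such as
    'secure match=smtp.example.com'."""
    table = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        table[parts[0]] = parts[1] if len(parts) > 1 else ""
    return table


def effective_level(destination, default_level, policy):
    """Level applied to a destination: the first word of its policy-map
    entry when one exists, otherwise main.cf's default. Rejects values
    that are not valid levels (e.g. "must")."""
    entry = policy.get(destination)
    level = default_level if entry is None else entry.split()[0]
    if level not in VALID_LEVELS:
        raise ValueError(f"invalid smtp_tls_security_level {level!r}")
    return level


def audit(default_level, policy_text, sasl_text):
    """Return (destination, level) pairs, sorted by destination, for every
    destination that has SASL credentials but a plaintext-tolerant policy."""
    policy = parse_map(policy_text)
    sasl = parse_map(sasl_text)
    findings = []
    for destination in sorted(sasl):
        level = effective_level(destination, default_level, policy)
        if level in PLAINTEXT_TOLERANT:
            findings.append((destination, level))
    return findings


# Constructed sample smtp_sasl_password_maps source (placeholder secrets).
SASL_PASSWD = """
[smtp.example.com]:587   user@example.com:PLACEHOLDER_PASSWORD
[relay.example.net]:587  user@example.net:PLACEHOLDER_PASSWORD
"""

# Layout 1: lax default (may) with secure exceptions. The second relay was
# never added to the map, so it silently inherits the default.
POLICY_SECURE_EXCEPTIONS = """
# MITM resistant authenticated TLS
[smtp.example.com]:587 secure match=smtp.example.com
"""

# Layout 2: strict default (encrypt) with an insecure exception for the
# loopback hop, which carries no credentials.
POLICY_INSECURE_EXCEPTIONS = """
[127.0.0.1] none
"""


def demo():
    """Run both layouts: layout 1 exposes relay.example.net, layout 2 is clean."""
    return (audit("may", POLICY_SECURE_EXCEPTIONS, SASL_PASSWD),
            audit("encrypt", POLICY_INSECURE_EXCEPTIONS, SASL_PASSWD))


if __name__ == "__main__":
    for name, findings in zip(("may + secure exceptions",
                               "encrypt + insecure exceptions"), demo()):
        print(f"{name}: {findings or 'no plaintext-auth exposure'}")
```

Feeding it the sources of your real hash: tables (the files you run postmap on) gives the same check for a live configuration; a relay that appears in the password map but not in the policy map shows up immediately under the "may" default, which is exactly the omission the strict-default layout guards against.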