Hi On 31 August 2010 03:04, Wietse Venema <wie...@porcupine.org> wrote: > > If this does not announce the SASL mechanisms that you expect, then > the missing mechanisms are not installed with the Cyrus SASL library.
I do appreciate that you took the time to answer my questions.. Especially as I understand it you're the author of postfix and I'm sure you have a very busy schedule. But it seems to me that you haven't read what I asked for. > > Each Cyrus SASL is provided as a shared object file. On many systems > these files are called /usr/libsasl/digestmd5.so.1, /usr/libsasl/plain.so.1 > and so on. > > I don't know if Patrik's saslfinger tool works on MacOS, but it > would list out these files for you (along with "postconf -n" output > and other information that helps to quickly solve many problems > with Cyrus SASL deployment). The issue isn't about not having the SASL mechanisms I want. The issue is being able to distinguish which mechanisms are allowed during a TLS/SSL session vs a clear text one. The documentation states that it can be controlled with smtpd_sasl_security_options and smtpd_sasl_tls_security_options and provide different mechanism according to the communication medium used. Yet it doesn't. It always announce the same mechanism, SSL being used or not. JY
