Am 02.04.2011 21:58, schrieb Jeroen Geilman: > On 04/02/2011 09:50 PM, Alex wrote: > >> Okay, I think I have it working correctly now. I believe my mistake >> was with using the incorrect ports for authentication. > > Authentication doesn't have a "port" - it is an integral part of the SMTP > protocol. > >> I think I may >> not fully understand the logic behind the whole process still, >> however. >> >> I've changed smtpd_tls_security_level to 'may' from 'encrypt' in >> main.cf because it also needs to be able to accept mail from non-TLS >> authenticated clients (which are actually other postfix servers) in >> addition to my K9 android mail client. >> > > You shouldn't run TLS at all on port 25 if you're not using it for submission > - and there is no reason to do so
sorry but that is nonsense YOU SHOULD ENABLE IT OR YOU CAN DISABLE SSL ON IMAP/POP3 TOO what sense makes it to encrypt receiving messages over ssl with your client as long other mail-servers deliver thmen unencrypted? if you wuld like encrypted services EVERY host and protocol which is involved should support TLS or you can disable it completly secuity level "may" is correct because not every host supports encryption but if the host support it tls should be used, so the message is encrypted from one client to the receiver, least you minimize the count of unencrypted hops
signature.asc
Description: OpenPGP digital signature
