On 4/9/2011 9:46 AM, Voytek Eymont wrote:
I'm trying to setup smtp auth with Dovecot's sasl, I'm getting this in the
log:
what does 'Anonymous TLS connection' mean:
is it as connection is set up prior to user authentication, is that what
it is ?
This has nothing to do with user authentication.
Anonymous connections are normal when you configure postfix
for opportunistic TLS and don't require client certificates.
Unless you require the client to present a valid certificate
(normally only used with secure channel verification, and not
supported by the majority of desktop email clients), you can
safely ignore these messages.
(or do I have a problem...?)
No, everything is normal and secure.
also, the 'certificate verification failed':
This means that postfix either postfix does not have the
proper CA certificate or the client has a self-signed
certificate. TLS is still used and is still secure, but the
identity of the server could not be verified.
This also is normal for opportunistic TLS. Unless you require
a verified secure channel to the server on the other end, you
can safely ignore these.
-- Noel Jones