On 1/7/2012 8:33 PM, Benny Pedersen wrote:
> On Tue, 27 Dec 2011 14:07:22 +0100, Jeroen Geilman wrote:
>
>> smtpd_tls_auth_only = yes
>>
>> to main.cf; otherwise, all authentication communication is sent "in
>> the clear".
>
> this will only break starttls clients, that means connection must be
> tls before connection, it will not make plain passwords more secure
>
Wrong. This prevents Postfix from sending the AUTH keyword or accepting the AUTH command until an encrypted connection is established (either STARTTLS or wrappermode). It increases security by making sure that all passwords are sent in an encrypted tunnel.

Since several popular clients can only do PLAIN or LOGIN, this is a good thing.

The only clients this will break are those that aren't configured to use an encrypted connection -- and that's the whole idea.

You can see this yourself pretty easily by connecting with telnet and then connecting with openssl s_client.

-- 
Noel Jones
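The telnet-then-openssl check Noel describes, written up as an added example that is not part of the list thread and not Postfix's own code. It does the same thing a client would: EHLO on the cleartext session, STARTTLS, EHLO again, and reports whether AUTH was advertised before or only after the tunnel was up. The hostname mail.example.test and the two EHLO replies below are constructed sample data so the parsing can be exercised offline; probe() talks to a real server and only makes sense against a host you are allowed to test.

```python
"""Check whether an SMTP server offers AUTH before TLS is established.

With smtpd_tls_auth_only = yes, Postfix omits the AUTH keyword from the
cleartext EHLO reply and only advertises it after STARTTLS (or on a
wrappermode port). This script reproduces the manual telnet /
openssl s_client comparison with smtplib.
"""
import smtplib
import ssl
import sys

# Constructed sample EHLO reply bodies in the shape smtplib.ehlo() returns
# them: first line is the server name, one extension per following line.
PLAIN_EHLO_OK = (
    b"mail.example.test\nPIPELINING\nSIZE 10240000\nSTARTTLS\n"
    b"ENHANCEDSTATUSCODES\n8BITMIME"
)
PLAIN_EHLO_LEAKY = (
    b"mail.example.test\nPIPELINING\nSIZE 10240000\nSTARTTLS\n"
    b"AUTH PLAIN LOGIN\nENHANCEDSTATUSCODES\n8BITMIME"
)
TLS_EHLO = (
    b"mail.example.test\nPIPELINING\nSIZE 10240000\nAUTH PLAIN LOGIN\n"
    b"ENHANCEDSTATUSCODES\n8BITMIME"
)


def ehlo_extensions(ehlo_body: bytes) -> dict:
    """Parse an EHLO reply body into {KEYWORD: parameters}.

    The first line is the server's greeting name and is skipped.
    Keywords are case-insensitive per RFC 5321, so they are upper-cased.
    """
    exts = {}
    for line in ehlo_body.decode("ascii", "replace").splitlines()[1:]:
        parts = line.strip().split(None, 1)
        if not parts:
            continue
        exts[parts[0].upper()] = parts[1] if len(parts) > 1 else ""
    return exts


def classify(plain_exts: dict, tls_exts: dict) -> str:
    """Summarise AUTH exposure from the pre- and post-STARTTLS EHLO replies.

    'auth_in_clear'       -> AUTH offered before TLS: PLAIN/LOGIN passwords
                             from a misconfigured client go over the wire
                             unencrypted (smtpd_tls_auth_only is off).
    'auth_only_over_tls'  -> AUTH offered only inside the tunnel.
    'no_auth'             -> server does not offer SASL AUTH at all.
    """
    if "AUTH" in plain_exts:
        return "auth_in_clear"
    if "AUTH" in tls_exts:
        return "auth_only_over_tls"
    return "no_auth"


def probe(host: str, port: int = 25, timeout: float = 10.0) -> tuple:
    """Live check against a real server: returns (verdict, plain, tls).

    Cleartext EHLO is the telnet view; the EHLO after starttls() is the
    openssl s_client -starttls smtp view. If STARTTLS is not offered,
    tls is an empty dict and the verdict reflects the cleartext reply only.
    """
    with smtplib.SMTP(host, port, timeout=timeout) as conn:
        code, body = conn.ehlo()
        if code != 250:
            raise RuntimeError("EHLO rejected: %d %r" % (code, body))
        plain = ehlo_extensions(body)
        tls = {}
        if "STARTTLS" in plain:
            conn.starttls(context=ssl.create_default_context())
            code, body = conn.ehlo()  # a fresh EHLO is required after TLS
            if code != 250:
                raise RuntimeError("EHLO after STARTTLS rejected: %d" % code)
            tls = ehlo_extensions(body)
        return classify(plain, tls), plain, tls


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    verdict, plain, tls = probe(target)
    print("%s: %s" % (target, verdict))
    print("  cleartext EHLO:  AUTH %s" % plain.get("AUTH", "(not offered)"))
    print("  after STARTTLS:  AUTH %s" % tls.get("AUTH", "(not offered)"))
```

A server that reports auth_in_clear has not taken the advice in this thread; one that reports auth_only_over_tls matches what smtpd_tls_auth_only = yes produces. For a wrappermode port (465) the same two-EHLO comparison does not apply, since there is no cleartext phase; use smtplib.SMTP_SSL there and expect AUTH in its single EHLO reply.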