Thanks a lot for your advise. What is the difference between noplaintext and the plaintext encrypted?
Also, what will happen if I did not set this mech_list: cram-md5? For what it used the cram-md5? Regards Bilal --- On Fri, 1/13/12, Patrick Ben Koetter <p...@state-of-mind.de> wrote: > From: Patrick Ben Koetter <p...@state-of-mind.de> > Subject: Re: smtpd_sasl_security_options = noanonymous, CRAM-MD5 > To: postfix-users@postfix.org > Date: Friday, January 13, 2012, 6:03 PM > * bilal ghayyad <bilmar...@yahoo.com>: > > Hi All; > > > > If I set smtpd_sasl_security_options = CRAM-MD5 > instead of noanonymous, then what will happen in this case? > > The server will throttle. CRAM-MD5 is not a valid option > for > smtpd_sasl_security_options. > > Set this instead: > > # main.cf > smtpd_sasl_security_options = noanonymous, noplaintext > > # smtpd.conf > mech_list: cram-md5 > > > > And if I used: smtpd_use_tls = yes and did not use > certificate, then they > > password will be sent encrypted or not? > > This forces TLS on all clients. You must not do it on a > publicly available MX > according to RFCs. > > > Also, what if I used this also? smtpd_tls_auth_only = > yes > > You want noplaintext over unencrypted channels and > plaintext over crypted, > yes? Try this in main.cf: > > smtpd_sasl_security_options = noanonymous, noplaintext > smtpd_tls_sasl_security_options = noanonymous > > > > Is it possible to set all togethor? How it will work > in this case: > > Use my examples from above. > > p@rick > > -- > All technical questions asked privately will be > automatically answered on the > list and archived for public access unless privacy is > explicitely required and > justified. > > saslfinger (debugging SMTP AUTH): > <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/> >
