On 06/15/2013 12:13 PM, Benny Pedersen wrote:
Jan Kohnert skrev den 2013-06-15 10:57:
http://www.postfix.org/postconf.5.html#smtpd_tls_auth_only
do i need to tell it in --verbose ?
starttls have nothing to do with auth, just becurse this option have
tls and auth in one line does not make tls/ssl needed to make auth work
Quoted from the above documentation:
smtpd_tls_auth_only (default: no)
"When TLS encryption is optional in the Postfix SMTP server, do
not announce or accept SASL authentication over unencrypted connections. "
In other words, yes, setting this option in conjunction with
"smtpd_tls_security_level = may" *requires* TLS in order to AUTH.
smtpd_tls_security_level = encrypt means the server will *reject* any
commands that are not STARTTLS, until a TLS connection has been established.
This includes AUTH.
--
J.
