Wietse: > Dovecot tells Postfix the supported mechanism names and their > security properties. Postfix intersects that with the main.cf > settings, and announces the mechanisms that remain.
Michael Fox: > O.K. Thanks. > > Can be more specific about which SASL mechanisms are allowed or disallowed > by each option? In other words, how do I know which mechanisms will be > disallowed with "noactive" or "nodictionary" or allowed by "forward_secrecy" > or "mutual_auth"? I'm unable to connect the dots. You can find out about SASL active etc. attacks in RFC 4422 https://tools.ietf.org/html/rfc4422 Wietse