On 13/03/2023 23:43, Gedalya via Exim-users wrote:
> 4. On port 587, authentication should not be advertised before STARTTLS is issued.

A slight suggested relaxation of that rule: Only authentication methods which are self-encrypted should be used on a cleartext channel.

That means the same as your simpler rule for PLAIN and LOGIN, which are the common ones. But the SCRAM family, for example, would be safe.

--
Cheers,
  Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
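
An added example, not part of the original message or of Exim: a small Python check that applies the relaxed rule above to a captured EHLO reply, flagging PLAIN and LOGIN when they are advertised before TLS and accepting the SCRAM family. The sample reply, the host name `mail.example.test`, and the "unclassified" bucket for mechanisms the message does not mention are assumptions made for illustration.

```python
import re

# PLAIN and LOGIN send the password base64-encoded, readable on a cleartext channel.
CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}
# The SCRAM family is the example the message gives as safe without TLS.
SELF_PROTECTING_PREFIXES = ("SCRAM-",)


def parse_ehlo(response):
    """Return (set of AUTH mechanisms, STARTTLS offered) from a raw EHLO reply."""
    mechs, starttls = set(), False
    for line in response.splitlines():
        m = re.match(r"250[ -](.*)", line.strip())
        if not m:
            continue
        words = m.group(1).upper().split()
        if not words:
            continue
        if words[0] == "AUTH":
            mechs.update(words[1:])
        elif words[0].startswith("AUTH="):  # legacy "AUTH=LOGIN PLAIN" form
            mechs.update([words[0][5:]] + words[1:])
        elif words[0] == "STARTTLS":
            starttls = True
    mechs.discard("")
    return mechs, starttls


def audit(response, tls_active):
    """Classify what was advertised; nothing is flagged once TLS is active."""
    mechs, starttls = parse_ehlo(response)
    report = {"cleartext": [], "unclassified": [], "starttls_offered": starttls}
    if tls_active:
        return report
    for mech in sorted(mechs):
        if mech in CLEARTEXT_MECHS:
            report["cleartext"].append(mech)
        elif not mech.startswith(SELF_PROTECTING_PREFIXES):
            # Not covered by the message: left for manual review (assumption).
            report["unclassified"].append(mech)
    return report


# Constructed sample: an EHLO reply received on port 587 before STARTTLS.
SAMPLE_PRE_TLS = (
    "250-mail.example.test Hello client\r\n250-SIZE 52428800\r\n"
    "250-STARTTLS\r\n250-AUTH PLAIN LOGIN SCRAM-SHA-256 CRAM-MD5\r\n250 HELP\r\n"
)

if __name__ == "__main__":
    print(audit(SAMPLE_PRE_TLS, tls_active=False))
```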