Bernd Wurst pisze: > Hallo. > > Am Montag, 8. Dezember 2008 schrieb Paweł Tęcza: >> We need to protect the passwords of our users strongly, so they should >> use secure connection (via SSL) to ESMTP/POP3/IMAP servers. But how can >> we force the users to use STARTTLS for "normal" ESMTP server which >> listens on port 25? STARTTLS is only option here, so some users can >> bypass our security policy. > > Yes, same policy here. :) > We do not offer *any* login without secure connection. > > For SMTP, we have set: > > $ grep ^ESMTPAUTH /etc/courier/esmtpd > ESMTPAUTH="" > ESMTPAUTH_TLS="PLAIN LOGIN" > > > So courier does not offer any authentication methods before switching to TLS > mode. > > Gruß, Bernd
Guten Tag Bernd :) Thank you very much for your feedback! I've just noticed that I forgot to say about ESMTPAUTH_TLS setting in my second post. It's very important. Probably Courier will not switch to TLS mode without it. Sam, could you please add that "howto" to "OPTIONAL: Configure ESMTP authentication and SSL" section at your Courier-MTA website [1]? Have a nice day, Pawel [1] http://www.courier-mta.org/install.html#esmtpauth ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
