kashani wrote: > BTW I would not recommend using that how-to for the following reasons. > > 1. clear text passwords Do you mean "clear text" in the DB or on the wire? If you want to avoid the former you get the latter 'cause SASL shared secret mechs wouldn't work anymore. So trust SSL or die and better have *real* certificates ;) Ah, and have you configured postfix to actually deny PLAIN and LOGIN without SSL? (smtpd_sasl_security_options = noanonymous noplaintext and smtpd_sasl_tls_security_options =)
cheers Paul -- [email protected] mailing list
