* Wietse Venema <[EMAIL PROTECTED]>:
> Patrick Ben Koetter:
> > A reasonable setting is:
> >
> >     smtpd_sasl_security_options = noanonymous
> >
> > This allows any available mechanism except for anonymous, as it is highly
> > exploitable in the context of SMTP. (It's usable in the context of FTP or
> > IMAP shared folder access).
> >
> > Another reasonable setting is:
> >
> >     smtpd_sasl_security_options = noanonymous, noplaintext
> >
> > If you can't use TLS to shield SMTP AUTH conducted using plaintext
> > mechanisms then you should not offer them.
> >
> > A good compromise is to forbid plaintext over unencrypted, but permit it
> > over crypted communication (TLS):
> >
> >     smtpd_sasl_security_options = noanonymous, noplaintext
> >     smtpd_tls_sasl_security_options = noanonymous
> >
> > As soon as a client has started a TLS session the SMTP session is restarted.
> > The server then offers plaintext mechanisms and the client may use them
> > securely.
>
> Unfortunately, this should be: smtpd_sasl_tls_security_options
Yes, indeed. Thanks for crosschecking.

[EMAIL PROTECTED]

--
The Book of Postfix <http://www.postfix-book.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
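A way to verify from the client side that a server really behaves as the compromise above intends (no PLAIN/LOGIN advertised until STARTTLS, never ANONYMOUS), as an added example that is not part of this thread or of Postfix itself; the host name mail.example.test and the EHLO responses are constructed, and the parser also accepts the code-stripped text that Python's smtplib returns:

```python
import smtplib
import ssl

PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}   # mechanisms that send the password in the clear

# Constructed sample EHLO responses (not captured from a real host) for a Postfix
# server using the compromise above: no plaintext before TLS, plaintext after.
PRE_TLS_EHLO = "250-mail.example.test\n250-STARTTLS\n250-AUTH CRAM-MD5 DIGEST-MD5\n250 8BITMIME"
POST_TLS_EHLO = "250-mail.example.test\n250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5\n250 8BITMIME"
# Constructed misconfiguration: plaintext mechanisms already offered before TLS.
LEAKY_PRE_TLS_EHLO = "250-mail.example.test\n250-STARTTLS\n250-AUTH PLAIN LOGIN CRAM-MD5\n250 8BITMIME"

def parse_ehlo(text):
    """Map EHLO keywords to their parameters; accepts raw '250-' lines or
    the code-stripped text that smtplib's ehlo() returns."""
    feats = {}
    for line in text.strip().splitlines()[1:]:      # line 0 is the server greeting
        line = line.strip()
        if len(line) >= 4 and line[:3].isdigit() and line[3] in "- ":
            line = line[4:]                         # drop "250-" / "250 "
        keyword, _, params = line.partition(" ")
        if keyword:
            feats[keyword.upper()] = [p.upper() for p in params.split()]
    return feats

def audit(pre_tls_ehlo, post_tls_ehlo):
    """Return policy findings; an empty list means the server matches
    'noanonymous always, noplaintext until TLS is up'."""
    pre, post = parse_ehlo(pre_tls_ehlo), parse_ehlo(post_tls_ehlo)
    pre_mechs, post_mechs = set(pre.get("AUTH", [])), set(post.get("AUTH", []))
    findings = []
    if "STARTTLS" not in pre:
        findings.append("STARTTLS not offered")
    leaked = sorted(pre_mechs & PLAINTEXT_MECHS)
    if leaked:
        findings.append("plaintext mechanisms offered before TLS: " + " ".join(leaked))
    if "ANONYMOUS" in pre_mechs | post_mechs:
        findings.append("ANONYMOUS mechanism offered")
    if not post_mechs:   # symptom of the misspelled parameter in the thread above
        findings.append("no AUTH offered after TLS (check spelling of smtpd_sasl_tls_security_options)")
    return findings

def probe(host, port=587):
    """Run the audit against a live server (needs network; not exercised offline)."""
    with smtplib.SMTP(host, port, timeout=10) as s:
        _, pre = s.ehlo()
        s.starttls(context=ssl.create_default_context())   # SMTP session restarts here
        _, post = s.ehlo()                                  # must re-EHLO after TLS
    return audit(pre.decode(), post.decode())
```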