On Tuesday, October 21, 2008 at 23:23 CEST,
Terry Carmen <[EMAIL PROTECTED]> wrote:
> I just setup TLS and SASL to allow sending non-local mail only by
> authenticated users, and to have the entire SMTP conversation with the
> client software encrypted, and wanted to make sure it's operating
> correctly:
>
> The log from a session from my mail client (Thunderbird) says:
>
> Oct 21 17:15:02 wormhole postfix/smtpd[23828]: Anonymous TLS connection
> established from rrcs-xx-xx-89-178.nys.biz.rr.com[xx.xx.89.178]: TLSv1
> with cipher DH
>
> Oct 21 17:15:03 wormhole postfix/smtpd[23828]: 02614300D0:
> client=rrcs-xx-xx-89-178.nys.biz.rr.com[xx.xx.89.178],
> sasl_method=PLAIN, sasl_username=terry
>
> Would I be correct in assuming that the client first established an
> anonymous encrypted session with the server, then authenticated as
> the user terry, via the encrypted connection?
That's correct.
> Once the TLS connection is established, is it used for the entire
> session, including the message data transfer, or just for the
> authentication?
The whole session will be encrypted.
--
Magnus Bäck
[EMAIL PROTECTED]
