On Thu, Jul 06, 2023 at 06:38:34PM +0200, Ede Wolf via Postfix-users wrote:
> Jep, I just retested. Changed to plain, restarted postfix and mail gets
> deferred:
>
> relay=smtp.worldserver.net[217.13.200.36]:587, delay=1,
> delays=0.07/0.01/0.95/0, dsn=4.7.0, status=deferred (SASL authentication
> failed; cannot authenticate to server smtp.world
So the service provider advertises, but fails to implement "PLAIN", that
sounds like a bad idea. Open a bug report. They should not do that.
> changing back to login:
>
> relay=smtp.worldserver.net[217.13.200.36]:587, delay=190,
> delays=185/0.02/0.22/4.6, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued
> as D302E1E0A44)
In that case stick with just "login".
> I have used "password" as a superset or class of all clear text password
> methods, as opposed to fundamentally different methods, such as
> kerberos or ntlm.
There are no "superset mechanisms" in SASL. Just discrete method names,
however for purposes of options there are some required mechanism
properties that one configure in the SASL security options. Postfix
supports:
forward_secrecy
mutual_auth
noactive
noanonymous
nodictionary
noplaintext
There also these days no "kerberos" mechanism, just "gssapi".
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
