Thank you people, I've solved the problem (my problem). I for myself would have said it's the wrong way, but it works:
I >>didn't<< define the /service/qmail-smtpd/env/SMTPAUTH variable with the content 'TLSREQUIRED'; I wrote the line in /etc/tcp.smtp (for tcpserver to know how relaying has to be organized): :allow,SMTPAUTH="TLSREQUIRED" Peter On Tuesday 09 March 2004 23:09, you wrote: > On Tue, Mar 09, 2004 at 12:57:02AM +0100, Peter Fiers wrote: > > Hi, > > > > I set up qmail-ldap like it is described in Life with qmail-ldap. First > > tests succeeded. There is one problem: I can use TLS to encrypt traffic > > between MUA and qmail-smtpd, but I cannot enforce SMTP client encryption > > by setting the variable /service/qmail-smtpd/env/SMTPAUTH to TLSREQUIRED. > > Neither would the client encrypt nor would the server refuse the > > connection without encryption. What might be the reason for this? > > TLSREQUIRED just means that TLS is required for SMTP AUTH (because else > the password would be cleartext). Now in your case you need to set > AUTHREQUIRED too so that the client must authenitcate first but because of > TLSREQUIRED it needs to do STARTTLS befor AUTH and so you get an encrypted > & authenticated session.
