You are right. Using an AUTHENTICATE / LOGIN command on an unsecure connection should not be permitted. Or at the very least as an admin I should be able to disable it.
I am not aware of such mechanism. As I think this is important, I will introduce a ticket about it. Cheers, Benoit Le 16/11/2017 à 23:27, Song, Jeff a écrit : > Hello. Is there a way to disable Plaintext Authentication in James 3.0.1? > My understanding is to enable TLS, if we want to disable Plaintext > Authentication. The other possibility is to disable authentication, but then > it would essentially make the mail server an open relay. When we enable TLS, > I'm unable to receive emails from external mail servers. > > Thanks, > > Jeff > > --------------------------------------------------------------------- > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
