[Dovecot] problem with disable_plaintext_auth
Olivier Nicole
on at cs.ait.ac.th
Thu Jul 30 07:10:32 EEST 2009
Hi,
> > I am using dovecot with postfix for authentication.
> >
> > Everything (TLS/SSL, authentication) is working fine, except that when
> > I set:
> >
> > disable_plaintext_auth = yes
> >
> > I still can authenticate with plain text on a no TLS/SSL session:
> >
> > 20 mail2.cs.ait.ac.th ESMTP Postfix (2.6.2)
> > EHLO [192.41.170.57]
> > 250-mail2.cs.ait.ac.th
> > 250-PIPELINING
> > 250-SIZE 10240000
> > 250-VRFY
> > 250-ETRN
> > 250-STARTTLS
> > 250-AUTH PLAIN LOGIN
> > 250-AUTH=PLAIN LOGIN
> > 250-ENHANCEDSTATUSCODES
> > 250-8BITMIME
> > 250 DSN
> > AUTH PLAIN XXXX
> > 235 2.7.0 Authentication successful
>
> disable_plaintext_auth affects logging in to dovecot IMAP/POP3 server.
> This is a SMTP session with Postfix, you'll have to configure Postfix
> not to allow plain text authentication before STARTTLS.
But postfix hands the authentication task to dovecot (dovecot-auth
daemon).
And I am sure it does, because if I remove PLAIN from the
authentication mechanism of dovecot, then the SMTP sessions with
postfix will not offer AUTH PLAIN anymore.
So I am confused here.
Best regards,
Olivier
More information about the dovecot
mailing list