On Thu, Jun 11, 2009 at 12:48:29PM -0500, Noel Jones wrote:
On Thu, Jun 11, 2009 at 10:36 AM, Michal Szymanskimsz@astrouw.edu.pl wrote:
I don't see any references to tls in your postconf -n output. Has postfix been built with openssl?
I guess so. 'ldd /usr/sbin/postfix' gives, amoung others:
libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00002b71e8eea000) libssl.so.6 => /lib64/libssl.so.6 (0x00002b71e9103000)
I did not put any 'tls' options into main.cf (nor the -o smtpd_tls_wrappermode option in master.cf) as the postfix/dovecot/SASL howto on dovecot's wiki does not mention it at all. So I thought that TLS is not required to make SASL authetication. Am I wrong?
TLS is not required for SASL, but is highly recommended to protect plain-text credentials from eavesdroppers.
At any rate, don't configure TBird to submit mail to postfix via TLS/SSL unless you enable TLS/SSL in postfix.
For easy setup of postfix TLS, see http://www.postfix.org/TLS_README.html#quick-start (but be sure to read the whole document, not just the quick-start section).
Thanks a lot! It has worked, finally!
Maybe it would be worth adding to that Postfix/Dovecot/SASL HowTo that apart from the configuration changes it lists, one has to configure Postfix to accept authenticated connections. It would save newbies like me many headaches.
regards, Michal.
-- Michal Szymanski (msz at astrouw dot edu dot pl) Warsaw University Observatory, Warszawa, POLAND
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.