Am 29.09.2014 um 15:51 schrieb Michael Wechner:
Am 29.09.14 15:30, schrieb Reindl Harald:
Am 29.09.2014 um 15:21 schrieb Michael Wechner:
Hi Harald
Thanks very much for your quick reply. Please see my answers inline below
telnet is worthless because AUTH is likely announced *after STARTTLS* http://www.postfix.org/postconf.5.html#smtp_sasl_security_options
right, but when requesting for example mail.wyona.com, then I can see
AUTH
depends on the servers configuration
hence I would assume to see it also for the new version of postfix and dovecot, or do I misunderstand something?
yes, you did not read http://www.postfix.org/postconf.5.html#smtp_sasl_security_options
if the server is configured in a way it offers AUTH only over a encrypted channel (recommended) then you need to use STARTTLS before you see the capability and for that telnet is just the wrong tool
the new server config reads (postfix mail_version = 2.7.0):
smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/dovecot-auth smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sender_restrictions = reject_unknown_sender_domain
- check postfix master.cf for chroot - only explicit "n" disabled it
- check configuration of the private/dovecot-auth (permissions and so on)
- look at your logs careful
that is my part in dovecot.conf:
service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } }
that's my part in postfix's main.cf:
smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth
well, both are unchanged for a very long time and survived a lot of dist-upgrades (Fedora) as well as Dovecot/Postfix