On 22/08/17 18:24, Aki Tuomi wrote:
Dovecot, by default, requires STARTTLS before accepting plaintext authentication when SSL is configured and you are not connecting from localhost. You can verify this by telnetting to port 143 from somewhere else (NOT LOCALHOST) and you can see it says LOGINDISABLED unless you have enabled something like cram-md5.
I think postfix, by default, will also prevent authentication without transport security.
No: $ postconf -d smtpd_tls_auth_only smtpd_tls_auth_only = no
The commented submission service in master.cf contains it, though, so if you uncomment the service as a whole it will be set: # -o smtpd_tls_auth_only=yes
Also, you should probably using 587/tcp (submission) for sending mail, instead of 25. Some reputable ISPs prevent connecting to random MX servers to port 25 to make life harder for spambots.
Right, you should never use port 25 for submission, for several reasons.
Peter