Here is the relevant portions of my postconf -n output. I am using dovecot 1.1 as LDA which is a little different than your setup. I am using the iPhone with this and it works perfectly. Never had a problem.
broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = no smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = etc/example.com.crt.pem smtpd_tls_key_file = etc/example.com.key.pem smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 smtpd_tls_security_level = may unknown_local_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual virtual_mailbox_domains = example.com, example.net, example.org virtual_transport = dovecot
Some relevant lines from master.cf as well:
smtp inet n - - - - smtpd submission inet n - - - - smtpd 1025 inet n - - - - smtpd smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject
In my situation, all SMTP AUTH is sent through port 465 (smtps) using TLS. I hope that helps.
Bryan