No AUTH PLAIN with dovecot 2.0.19
Reindl Harald
h.reindl at thelounge.net
Mon Sep 29 13:07:20 UTC 2014
Am 29.09.2014 um 15:01 schrieb Reindl Harald:
> Am 29.09.2014 um 14:53 schrieb Michael Wechner:
>> which means using telnet returns
>
> telnet is worthless because AUTH is likely announced *after STARTTLS*
> http://www.postfix.org/postconf.5.html#smtp_sasl_security_options
>
>> telnet mx2.wyona.com 587
>> Trying 50.116.54.197...
>> Connected to node3.wyona.com.
>> Escape character is '^]'.
>> 220 node3.members.linode.com ESMTP Postfix (Ubuntu)
>
> oh my god, another server in the linode-zombie network
> that's bad neigbourhood and you should avoid a PTR
> ending with "members.linode.com" which is generic
> and here blocked because i have never seen any legit
> mail from Linode but 24 hours each day attacks or
> spam delivery attempts
>
> http://www.mxpolice.com/email-security/importance-of-ptr-records-for-reliable-mail-delivery/
errata, with "node" at the begin: luck
/^li[0-9]{1,3}[\.\-][0-9]{1,3}\.members\.linode\.com$/ REJECT Generic DNS-Reverse-Lookup
>> EHLO letscallitevil.com
>> 250-node3.members.linode.com
>> 250-PIPELINING
>> 250-SIZE 10240000
>> 250-VRFY
>> 250-ETRN
>> 250-STARTTLS
>> 250-ENHANCEDSTATUSCODES
>> 250-8BITMIME
>> 250 DSN
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140929/4fab06b2/attachment.sig>
More information about the dovecot
mailing list