> Postfix uses whatever mechanisms SASL says it
can handle. If SASL
> says it can handle plain, it means it has support
for plain compiled
> in. It doesn't necessarily mean that actually
trying to use plain will
> succeed.

OK.

If postfix is advertising PLAIN to clients, will they
attempt to use it & then because it will fail, then go
into a loop?

Would it be better to have the highest form of
encryption stated first incase a client just picks the
first in a list? (SASL configure here, I guess)

Compare sample-auth.cf (find: HORROR!)

I compiled SASL with
configure
--enable-java
--with-javabase=/usr/local/java
--with-gnu-ld
--enable-login
--disable-krb4
--disable-gssapi
--with-OpenSSL
--with-des=/usr/local/ssl
--with-rc4=/usr/local/ssl
--enable-digest

plain is enabled by default in configure.

Maybe I should recompile without plain and/or login.

>
> Are you running Postfix chrooted? If you are,
you should copy
> /etc/sasldb (better yet, link it into) the jail.

No. I'll deffinitely try later on if I can get it to
work out of a jail now.

>
> > What I am now suspicious of is DNS.
> >
> > The boss has only a cheep NON-STATIC ADSL
connection at the moment, &
> > so the network's DNS isn't functioning correctly.
> >
> > Could this be an issue here even though I am
connecting to localhost
> > via the loopback interface?
>
> No. SMTP AUTH has nothing to do with DNS (not
at that stage
> anyway).
>
> Regards,
>
> Liviu Daia

Oh.

How does postfix ask sasl what is available?

How can I confirm that postfix is actually speaking to
sasl & not just using some defaults/guessing?

Craig Skinner

-- 
Get your free email from www.linuxmail.org 

Powered by Outblaze
-
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]