RE: SASL vs. M$ Outlook and Outlook Express

From: Tom Kovar (postfix_listkovarovi.org)
Date: Mon Jan 01 2007 - 08:01:38 CST


As stated in my previous mail - offering LOGIN as an authentication
mechanism does not change anything about the problem. Offering both PLAIN
and LOGIN does not change anything; offering only LOGIN leads to an
error message by the client that the server does not offer any mechanism
supported by Outlook Express. (After initial failure with both Outlook
and O.Express, I continue testing only with Express now).

So frankly I do not believe that Outlook Express really supports the LOGIN
mechanism...

As to the TLS - I am aware that it is not quite the best way from
a security perspective, but I do implement things stepwise. After I have
tested everything on open sockets, I will introduce SSL. For a short
time I do not see it as such an issue.

Rgds,
        --- Tom

-----Original Message-----
From: owner-postfix-userspostfix.org
[mailto:owner-postfix-userspostfix.org] On Behalf Of Tony Earnshaw
Sent: Monday, January 01, 2007 2:52 PM
To: Postfix users
Subject: Re: SASL vs. M$ Outlook and Outlook Express

Rene van Hoek wrote:

[...]

> I did a telnet to your machine and that seems ok:
>
> Leto:/Volumes renevanhoek$ telnet mail.kovarovi.org 25
> Trying 194.212.102.169...
> Connected to bimbo.kovarovi.org.
> Escape character is '^]'.
> 220 mail.kovarovi.org ESMTP Postfix
> EHLO test.a8.nl
> 250-mail.kovarovi.org
> 250-PIPELINING
> 250-SIZE 10240000
> 250-VRFY
> 250-ETRN
> 250-AUTH PLAIN
> 250-AUTH=PLAIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
>
>
> Also according to the maillog, the client doesn't authenticate. So the
> problem is as far as I can see with the configuration of the client.
>
> As a test, did you try for yourself to relay mail through your mta with
> Windows and Outlook? In this way you can rule out (or confirm) client
> configuration mistakes.

MS clients need AUTH LOGIN, PLAIN won't work; also it's a security
mistake to offer AUTH PLAIN or LOGIN without first hiding them with
smtpd_use_tls = yes and smtpd_tls_auth_only = yes.

> Otherwise refer your client to Microsoft Support ;-)

After OP has waited his due time and paid his due he'll get to hear the
same from them.

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet.nl
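
The following check is an added example, not part of the original thread or of Postfix. It parses an EHLO reply such as the one quoted above and reports the points raised in the discussion: AUTH PLAIN/LOGIN advertised on a cleartext session, STARTTLS not offered, and LOGIN missing from the mechanism list. The function names `parse_ehlo` and `audit_ehlo` are hypothetical.

```python
import re

# EHLO reply quoted in the thread above (cleartext session on port 25).
SAMPLE_EHLO = """\
250-mail.kovarovi.org
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN
250-AUTH=PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
"""

# PLAIN and LOGIN only base64-encode the password, so they rely on TLS.
CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}


def parse_ehlo(reply):
    """Return (keywords, auth_mechs) from a multi-line 250 EHLO reply."""
    keywords, mechs = set(), set()
    lines = [l.strip() for l in reply.splitlines() if re.match(r"250[- ]\S", l.strip())]
    for line in lines[1:]:  # the first 250 line carries the server's own name
        text = line[4:]
        am = re.match(r"AUTH[ =](.*)$", text, re.IGNORECASE)
        if am:  # "AUTH=..." is the legacy spelling kept for old clients
            keywords.add("AUTH")
            mechs.update(x.upper() for x in am.group(1).split())
        else:
            keywords.add(text.split()[0].upper())
    return keywords, mechs


def audit_ehlo(reply, tls_active=False):
    """List findings for an EHLO reply seen before (default) or after STARTTLS."""
    keywords, mechs = parse_ehlo(reply)
    findings = []
    exposed = sorted(mechs & CLEARTEXT_MECHS)
    if exposed and not tls_active:
        findings.append("AUTH %s offered without TLS" % "/".join(exposed))
    if not tls_active and "STARTTLS" not in keywords:
        findings.append("STARTTLS not offered")
    if mechs and "LOGIN" not in mechs:  # LOGIN requirement as claimed in the reply above
        findings.append("LOGIN not offered")
    return findings
```

With `smtpd_tls_auth_only = yes` in effect, the pre-STARTTLS reply should carry no AUTH line at all, so `audit_ehlo` returns an empty list for it.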