Subject: Re: Next Step : postfix / sasl / tls - pkgsrc 2004Q4
To: Michael-John Turner <mj@turner.org.za>
From: Asmodehn Shade <asmodehn@9online.fr>
List: netbsd-users
Date: 02/22/2005 18:32:28
Michael-John Turner wrote:

>On Mon, Feb 21, 2005 at 11:51:31PM +0100, Asmodehn Shade wrote:
>[...]
>
>>smtpd_enforce_tls = yes
>
>Unless I'm mistaken, this enforces TLS.
>
>[...]
>
>>But TLS negotiation seems to time out...
>>when I try to connect to the server with Thunderbird or with telnet, the 
>>result is the same:
>>
>>>telnet localhost 25
>>>Trying ::1...
>>>telnet: connect to address ::1: Connection refused
>>>Trying 127.0.0.1...
>>>Connected to localhost.
>>>Escape character is '^]'.
>>>EHLO test.net
>>>Connection closed by foreign host.
>>>
>[...]
>
>Telnet won't set up a TLS connection, and that needs to happen 
>before the EHLO, hence your error. Is Thunderbird configured to use
>TLS?
>
>Disclaimer: I'm not a Postfix expert...
>
>-mj

Yes, Thunderbird was configured to use TLS... Since the client doesn't 
need to authenticate, I thought the TLS channel would be set up, even when 
connecting with telnet, even if I could not read anything ;-)

Cyrus imapd is working with SASL and TLS now...
I can have CRAMMD5 / DIGESTMD5 / NTLM + TLS on a local connection (imtest 
-t"" [...] localhost), but Thunderbird tells me that my server doesn't 
know secure authentication (??!!??!?)
But I can also log in with plain+TLS; this doesn't matter to me, but 
this may be a clue?

I don't know what I'm missing in Postfix. SASL is set up the same way 
as cyrus-imapd, and the certs are the same... I don't understand why 
the TLS handshake cannot be done. Is there a way to test it in the console?

Thank you

--
Asmodehn


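One way to test the STARTTLS handshake from the console, as an added example that is not part of the original message: a Python probe that sends EHLO, issues STARTTLS, and reports the TLS version, cipher and AUTH mechanisms offered before and after the upgrade. The names `parse_ehlo`, `probe` and `cafile` are chosen here; without `cafile` the certificate is not verified, which suits only a handshake check against your own server.

```python
import smtplib
import ssl
import sys


def parse_ehlo(reply):
    """Map each ESMTP keyword in an EHLO reply body to its parameters."""
    features = {}
    for line in reply.splitlines()[1:]:        # line 0 is the server's greeting
        if line.upper().startswith("AUTH="):   # legacy "AUTH=PLAIN LOGIN" form
            line = "AUTH " + line[5:]
        words = line.split()
        if words:
            features.setdefault(words[0].upper(), []).extend(
                w.upper() for w in words[1:])
    return features


def probe(host="localhost", port=25, cafile=None, timeout=10):
    """EHLO, STARTTLS, EHLO again; report what the server offers at each stage."""
    if cafile:                                 # verify the server certificate
        ctx = ssl.create_default_context(cafile=cafile)
    else:                                      # handshake diagnostic only:
        ctx = ssl.create_default_context()     # accept a self-signed test cert
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        _, msg = smtp.ehlo("test.net")
        clear = parse_ehlo(msg.decode("latin-1"))
        report = {"starttls": "STARTTLS" in clear,
                  "auth_clear": clear.get("AUTH", [])}
        if report["starttls"]:
            smtp.starttls(context=ctx)         # raises if the handshake fails
            _, msg = smtp.ehlo("test.net")
            report["tls"] = smtp.sock.version()
            report["cipher"] = smtp.sock.cipher()[0]
            report["auth_tls"] = parse_ehlo(msg.decode("latin-1")).get("AUTH", [])
        return report


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    try:
        print(probe(target))
    except (smtplib.SMTPException, ssl.SSLError, OSError) as exc:
        print("failed:", type(exc).__name__, exc)   # which step broke
```

The exception type printed on failure separates a connection dropped before the SMTP banner (`SMTPServerDisconnected`) from a TLS handshake error (`SSLError`).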