Subject: Re: Next Step : postfix / sasl / tls - pkgsrc 2004Q4
To: Michael-John Turner <firstname.lastname@example.org>
From: Asmodehn Shade <email@example.com>
Date: 02/22/2005 18:32:28
Michael-John Turner a écrit :
>On Mon, Feb 21, 2005 at 11:51:31PM +0100, Asmodehn Shade wrote:
>>smtpd_enforce_tls = yes
>Unless I'm mistaken, this enforces TLS.
>>But tls negociation seems to timeout...
>>when I try to connect the server with Thunderbird or with telnet, the
>>result is the same :
>>>telnet localhost 25
>>>telnet: connect to address ::1: Connection refused
>>>Connected to localhost.
>>>Escape character is '^]'.
>>>Connection closed by foreign host.
>Telnet won't setup a TLS connection, and that needs to happen
>before the EHLO, hence your error. Is Thunderbird configured to use
>Disclaimer: I'm not a Postfix expert...
yes thunderbird was configured to use tls... Since the client doesn't
need to authenticate, I thoughed TLS channel will be done, even when
connecting with telnet, even if I could not read anything ;-)
Cyrus imapd is working with SASL and TLS now...
I can have CRAMMD5 / DIGESTMD5 / NTLM + TLS on local connection (imtest
-t"" [...] localhost) but Thunderbird say to me that my server doesn't
know secure authentication (??!!??!?)
But I can also log in with plain+TLS, this doesn't matter to me, but
this may be a clue?
I don't know what I'm missing in postfix. SASL is set up the same way
than cyrus-imapd, and the certs are the same... I don't understand, why
the TLS handshake cannot be done. Is there a way to test it in console ?
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 266.3.0 - Release Date: 21/02/2005