Server Team 2007-11-20 meeting minutes
ivoks at grad.hr
Sat Nov 24 20:11:24 UTC 2007
On Sat, 24 Nov 2007 13:52:11 -0500
Scott Kitterman <ubuntu at kitterman.com> wrote:
> I think we need to either provide no plain text mechanisms or provide
> TLS. Since the default setting for smtp_sasl_security_options
> (noplaintext, noanonymous) will not allow plain text mechanisms
> without TLS, then this is safe.
For both dovecot and postfix, TLS is enabled by default in Ubuntu.
> It would be better, if it's achievable, to set up TLS and allow plain
> text (LOGIN and PLAIN) since between those two virtually all mail
> clients are supported. Perhaps, at a minimum, check for TLS and if
> it's enabled, add:
> postconf -e "smtp_sasl_security_options = noanonymous"
> postconf -e "broken_sasl_auth_clients = yes"
I was considering those two, but I really wanted minimum for a start...
More information about the ubuntu-server