Server Team 2007-11-20 meeting minutes

Ante Karamatić ivoks at grad.hr
Sat Nov 24 20:11:24 UTC 2007


On Sat, 24 Nov 2007 13:52:11 -0500
Scott Kitterman <ubuntu at kitterman.com> wrote:

> I think we need to either provide no plain text mechanisms or provide
> TLS. Since the default setting for smtp_sasl_security_options
> (noplaintext, noanonymous) will not allow plain text mechanisms
> without TLS, then this is safe.

For both dovecot and postfix, TLS is enabled by default in Ubuntu.

> It would be better, if it's achievable, to set up TLS and allow plain
> text (LOGIN and PLAIN) since between those two virtually all mail
> clients are supported.  Perhaps, at a minimum, check for TLS and if
> it's enabled, add:
> 
> postconf -e "smtp_sasl_security_options = noanonymous"
> postconf -e "broken_sasl_auth_clients = yes"

I was considering those two, but I really wanted minimum for a start...




More information about the ubuntu-server mailing list