Date: Mon, 02 Jul 2007 06:44:54 +0900 (JST) From: KIMURA Yasuhiro <yasu@utahime.org> To: vivek@khera.org Cc: mnag@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org, FreeBSD-gnats-submit@FreeBSD.org Subject: Re: ports/113864: [PATCH] mail/postfix: Add patch for Dovecot SASL authentication Message-ID: <20070702.064454.89677589.yasu@utahime.org> In-Reply-To: <200706191950.l5JJoF4R098152@freefall.freebsd.org> References: <200706191950.l5JJoF4R098152@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello.
This is patch for not-implemented-yet problem about
smtpd_sasl_security_options and smtpd_sasl_tls_security_options.
When Cyrus is used as SASL, Following settings are available:
smtpd_sasl_security_options = noplaintext,noanonymous
smtpd_sasl_tls_security_options = noanonymous
These settings prevent plaintext authentication (such as PLAIN or
LOGIN) used without encryption, while leaving non-plaintext
authentication (such as CRAM-MD5) always available.
But these settings are not available when Dovecot is used as SASL
because it is not implemented yet in postfix 2.4.x.
Strictly speaking, this is not bug because there is following
description in postfix manual:
smtpd_sasl_security_options (noanonymous)
Postfix SMTP server SASL security options; as of
Postfix 2.3 the list of available features depends
on the SASL server implementation that is selected
with smtpd_sasl_type.
But when I googled about this problem I found not a few examples of
meaningless setting such as following:
smtpd_sasl_type = dovecot
smtpd_sasl_security_options = noplaintext,noanonymous
smtpd_sasl_tls_security_options = noanonymous
So I think this patch is worth backporting.
Regards.
P.S. Please carbon-copy to originator of PR next time when you send
feedback which requests more info.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070702.064454.89677589.yasu>