search for: noplaintext

...1 serwer-1 dovecot: imap-login: Error: SSL: Stacked error: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher When I setup in postfix main.cf file (other lines default): tls_ssl_options = no_ticket, no_compression tls_preempt_cipherlist = yes smtpd_sasl_security_options=noanonymous,noplaintext smtpd_sasl_tls_security_options=noanonymous,noplaintext smtpd_tls_mandatory_ciphers = high smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem #instead of below I tried smtpd_tls_mandatory_exclude_ciphers but I don't know what should be setup smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT,...

...> > This means your client did not support your enabled ciphers. > > > > > When I setup in postfix main.cf file (other lines default): > > tls_ssl_options = no_ticket, no_compression > > tls_preempt_cipherlist = yes > > smtpd_sasl_security_options=noanonymous,noplaintext > > smtpd_sasl_tls_security_options=noanonymous,noplaintext > > smtpd_tls_mandatory_ciphers = high > > smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem > > #instead of below I tried smtpd_tls_mandatory_exclude_ciphers but I > don't > > know what should be s...

...# postconf | grep sasl broken_sasl_auth_clients = yes cyrus_sasl_config_path = lmtp_sasl_auth_cache_name = lmtp_sasl_auth_cache_time = 90d lmtp_sasl_auth_enable = no lmtp_sasl_auth_soft_bounce = yes lmtp_sasl_mechanism_filter = lmtp_sasl_password_maps = lmtp_sasl_path = lmtp_sasl_security_options = noplaintext, noanonymous lmtp_sasl_tls_security_options = $lmtp_sasl_security_options lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options lmtp_sasl_type = cyrus proxy_write_maps = $smtp_sasl_auth_cache_name $lmtp_sasl_auth_cache_name send_cyrus_sasl_authzid = no smtp_sasl_auth_cache_name...

...t: pop3-login: Error: SSL: Stacked error: error:14094085:SSL routines:ssl3_read_bytes:ccs received early Apr 25 14:09:16 serwer-1 dovecot: imap-login: Error: SSL: Stacked error: error:1408A0E3:SSL routines:ssl3_get_client_hello:parse tlsext And second thing: smtpd_sasl_security_options=noanonymous,noplaintext smtpd_sasl_tls_security_options=noanonymous,noplaintext These two lines in main.cf postfix file generate error no SASL authentication method. What should be configured in Dovecot to avoid both problems? -- *Pozdrawiam / Best Regards* *Piotr Bracha* *tel. 534 555 877* *serwis at poliman.pl...

...ed ciphers. > > > > > > > > > > > When I setup in postfix main.cf file (other lines default): > > > > tls_ssl_options = no_ticket, no_compression > > > > tls_preempt_cipherlist = yes > > > > smtpd_sasl_security_options=noanonymous,noplaintext > > > > smtpd_sasl_tls_security_options=noanonymous,noplaintext > > > > smtpd_tls_mandatory_ciphers = high > > > > smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem > > > > #instead of below I tried smtpd_tls_mandatory_exclude_ciphers but I > &...

...ix itself. >From the working environ, only listening on port 25, I simply added the following (as per directions already cited above): smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_security_options = noanonymous, noplaintext smtp_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous And, of course, permit_sasl_authenticated was added to smtpd_recipient_restrictions. I got the impression from the baove sources that Postfix will then...

...sl3_get_client_hello:no shared cipher This means your client did not support your enabled ciphers. > > When I setup in postfix main.cf file (other lines default): > tls_ssl_options = no_ticket, no_compression > tls_preempt_cipherlist = yes > smtpd_sasl_security_options=noanonymous,noplaintext > smtpd_sasl_tls_security_options=noanonymous,noplaintext > smtpd_tls_mandatory_ciphers = high > smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem > #instead of below I tried smtpd_tls_mandatory_exclude_ciphers but I don't > know what should be setup > smtpd_tls_exclude_ci...

...> > > >> > > > When I setup in postfix main.cf file (other lines default): > >> > > > tls_ssl_options = no_ticket, no_compression > >> > > > tls_preempt_cipherlist = yes > >> > > > smtpd_sasl_security_options=noanonymous,noplaintext > >> > > > smtpd_sasl_tls_security_options=noanonymous,noplaintext > >> > > > smtpd_tls_mandatory_ciphers = high > >> > > > smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem > >> > > > #instead of below I tried smtpd_tls_ma...

...ent did not support your enabled ciphers. > > > > > > > > When I setup in postfix main.cf file (other lines default): > > > tls_ssl_options = no_ticket, no_compression > > > tls_preempt_cipherlist = yes > > > smtpd_sasl_security_options=noanonymous,noplaintext > > > smtpd_sasl_tls_security_options=noanonymous,noplaintext > > > smtpd_tls_mandatory_ciphers = high > > > smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem > > > #instead of below I tried smtpd_tls_mandatory_exclude_ciphers but I > > don't > &...

...-authrelay | fgrep sasl broken_sasl_auth_clients = no cyrus_sasl_config_path = lmtp_sasl_auth_cache_name = lmtp_sasl_auth_cache_time = 90d lmtp_sasl_auth_enable = no lmtp_sasl_auth_soft_bounce = yes lmtp_sasl_mechanism_filter = lmtp_sasl_password_maps = lmtp_sasl_path = lmtp_sasl_security_options = noplaintext, noanonymous lmtp_sasl_tls_security_options = $lmtp_sasl_security_options lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options lmtp_sasl_type = cyrus proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual...

...; > >> > > > >> > > > When I setup in postfix main.cf file (other lines default): >> > > > tls_ssl_options = no_ticket, no_compression >> > > > tls_preempt_cipherlist = yes >> > > > smtpd_sasl_security_options=noanonymous,noplaintext >> > > > smtpd_sasl_tls_security_options=noanonymous,noplaintext >> > > > smtpd_tls_mandatory_ciphers = high >> > > > smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem >> > > > #instead of below I tried smtpd_tls_mandatory_exclude_ciph...

...>> > > > When I setup in postfix main.cf file (other lines default): > > >> > > > tls_ssl_options = no_ticket, no_compression > > >> > > > tls_preempt_cipherlist = yes > > >> > > > smtpd_sasl_security_options=noanonymous,noplaintext > > >> > > > smtpd_sasl_tls_security_options=noanonymous,noplaintext > > >> > > > smtpd_tls_mandatory_ciphers = high > > >> > > > smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem > > >> > > > #instead of below...

..._workaround_threshold_time = 500s lmtp_quit_timeout = 300s lmtp_quote_rfc821_envelope = yes lmtp_randomize_addresses = yes lmtp_rcpt_timeout = 300s lmtp_rset_timeout = 20s lmtp_sasl_auth_enable = no lmtp_sasl_mechanism_filter = lmtp_sasl_password_maps = lmtp_sasl_path = lmtp_sasl_security_options = noplaintext, noanonymous lmtp_sasl_tls_security_options = $lmtp_sasl_security_options lmtp_sasl_tls_verified_security_options = $lmtp_sasl_tls_security_options lmtp_sasl_type = cyrus lmtp_send_xforward_command = no lmtp_sender_dependent_authentication = no lmtp_skip_5xx_greeting = yes lmtp_starttls_timeout = 3...

...ject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, check_policy_service unix:postgrey/socket, permit # reject_unauthenticated_sender_login_mismatch smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous #, noplaintext broken_sasl_auth_clients = yes </snip> so no reject_unknown_helo_hostname check - so why is it throwing them out? Thanks for anyone's insight.

...to my logs - after enabling the CRAM-MD5, many MUAs started to login with that, even though they have logged in with LOGIN/PLAIN up until then). I need the same that can be achieved in Posfix (for authenticated sending via SMTP) with those settings: smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous, nodictionary Is there any way how to achieve this behavior in Dovecot? I'm using Dovecot ver. 2.2.16 (from source) on Centos 7. Since I have already done some research, i believe there is currently no way how to achieve this behavior. Now I&...

...0]: ECA31F3009D: to=< ggarron at hotmail.com>, relay= my.smtp.com, delay=2, status=deferred (Authentication failed: cannot SASL authenticate to server scz.alketech.com[ 200.87.61.8 3]: no mechanism available) i tried with smtp_sasl_security_options = noanonymous smtp_sasl_security_options = noplaintext, noanonymous smtp_sasl_security_options = but never works, with the second i got the error up. with the other it does not even try to login. i also saw this. when i issue this command as root postmap -q my.stmp.com hash:sasl_passwd i go this error Jul 14 13:12:13 garron postfix/postmap[9123]:...

Hello dovecot, I want to have all authorization in one place and don't use Cyrus-SASL. I cobfigure postfix 2.3.3 to use dovecot-SASL. I have next lines in main.cf: smtpd_sasl_security_options = noplaintext,noanonymous smtpd_sasl_tls_security_options = noanonymous But PLAIN and LOGIN are advertised by postfix :( Is it bug of postfix or dovecot-auth? I don't want to disable these mechanisms in auth {} stanza of dovecot.conf, because they are Ok over SSL/TLS. It works for dovecot-pop3 and...

...reject_unauth_pipelining permit_sasl_authenticated smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous I have tried using "dovecot" in place of "private/auth", but it doesn't make any difference. This is the only output from the postfix maillog: Mar 18 08:13:02 scorpio postfix/smtpd[65217]: connect from localhost[127.0.0.1] Mar...

...limiter = + inet_interfaces = all inet_protocols = ipv4 mail_spool_directory = /var/spool/mail smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanomymous smtpd_tls_auth_only = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,reject_sender_login_mismatch smtpd_sasl_local_domain = vexample.com dovecot_destination_recipient_limit = 1 Any help would be...

HI, > You could set > > syslog_facility = local5 > > and have all the log messages in the messages file. According to the output of command # doveadm log find every type of message goes to the file I was looking at, "/var/spool/maillog". >> So, is it postfix doing the local mail delivery, not dovecot? >> > To answer this question please post relevant