0

I'm following this postfix guide and im stuck at Authentication (SASL) point. I did all as i should without problem, but still i can login to smtp without any login/password. Im doing telnet 127.0.0.1 25 and i dont have to provide any password.

Whats more, my goal is to use SHA1 as password hash method in database. Im really confused right now. Im finding misleading posts that i should use TLS instead of SASL or use Dovecot etc.

What im doing wrong? I lost point of using SASL at all, dont understand this.

WombaT
  • 157
  • 1
  • 9

1 Answers1

1

I'm guessing you have the following in your main.cf:

smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, 
    warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain,
    reject_unauth_pipelining, permit

If you want to test SASL try changing the above to this:

smtpd_sender_restrictions = permit_sasl_authenticated, reject

Also, I think the last "permit" should be a "reject" when you are done testing.

As to the TLS part, the guide you are following includes steps which enforce TLS before authentication.

Patryk Sidzina
  • 78
  • 3