On 22/01/14 15:09, basti wrote:
> Ok, thanks for that tip.
> Now a Test connection looks like:
>
> telnet myserver.de 25
> Trying 1.1.1.1...
> Connected to unix-solution.de.
> Escape character is '^]'.
> 220 mail.myserver.de ESMTP Exim 4.80 Wed, 22 Jan 2014 14:39:54 +0100
> ehlo localhost
> 250-mail.myserver.de Hello p578a6f5e.dip0.t-ipconnect.de [1.1.1.2]
> 250-SIZE 209715200
> 250-8BITMIME
> 250-PIPELINING
> 250-STARTTLS
> 250 HELP
> quit
> 221 mail.myserver.de closing connection
> Connection closed by foreign host.
>
> did this mean that fist of all the connection is encrypt by starttls?
A client usually uses STARTTLS first and issues another EHLO to get new or
changed capabilities. Then he sees the AUTH. You can check that with
"openssl s_client -starttls smtp ...", swaks
(
http://www.jetmore.org/john/code/swaks/) or smtptest from cyrus-imapd.
> next I have try md5-cram and get the following error:
> (received and digest are anonymised)
Sorry, can't help with that. I used CRAM/DIGEST-MD5 with SASL only some
years ago. I've no experience with your kind of setup.
Personally I wouldn't use both for new installations. LOGIN/PLAIN after
STARTTLS is just fine.
Greetings, Wolfgang
--
Wolfgang Breyha <wbreyha@???> |
http://www.blafasel.at/
Vienna University Computer Center | Austria