I have a little question. I was able to get STARTTLS and SSL/TLS ports working by copying the certs to dovecot and postfix, and then uncommenting the 6 lines in

Now I can send and receive mail securely… at least I think so.

However I am noticing in the logs that it says: sasl_method=PLAIN

Does this mean it isn’t secure? Does this mean the password and username are being passed in plain text? If so, how do I enable secure authentication? Right now I can set it to use SSL/TLS on port 465 and send and it works once I confirm the cert warning. However, I can’t check Use secure authentication or it says the server doesn’t support secure authentication.

You should be able to tell your client to always use SSL or TLS, and not fallback to a plaintext protocol.

If you have that set up, then you’re good! Regardless of how the password itself is passed through, so long as it’s used within that SSL/TLS tunnel that your email client uses, you should be in good shape.


I think I am ok then because I’m using Thunderbird and in the config editor everything that says plain says false. It still comes up saying PLAIN in the logs, but if I understand what you are saying correctly, it’s being sent through SSL/TLS to the server so I don’t have to worry.

I don’t know about Outlook though, since that’s actually what the clients are using on their server, but I guess that’s something they will have to worry about.
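
One way to confirm from the server side that every `sasl_method=PLAIN` login really arrived inside a TLS session, whatever the mail client was: the script below is an added example, not part of the original thread. It assumes Postfix logs TLS handshakes (`smtpd_tls_loglevel = 1` or higher) and relies on each smtpd process handling one connection at a time; the log lines are constructed samples.

```python
import re

# Constructed sample log lines (not taken from the thread).
SAMPLE_LOG = """\
Jan 10 10:00:01 mail postfix/smtps/smtpd[2101]: connect from client.example[203.0.113.5]
Jan 10 10:00:01 mail postfix/smtps/smtpd[2101]: Anonymous TLS connection established from client.example[203.0.113.5]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jan 10 10:00:02 mail postfix/smtps/smtpd[2101]: 4F1A2B3C: client=client.example[203.0.113.5], sasl_method=PLAIN, sasl_username=alice
Jan 10 10:00:03 mail postfix/smtps/smtpd[2101]: disconnect from client.example[203.0.113.5]
Jan 10 10:05:00 mail postfix/smtpd[2102]: connect from other.example[198.51.100.7]
Jan 10 10:05:01 mail postfix/smtpd[2102]: 5A6B7C8D: client=other.example[198.51.100.7], sasl_method=PLAIN, sasl_username=bob
Jan 10 10:05:02 mail postfix/smtpd[2102]: disconnect from other.example[198.51.100.7]
"""

# Matches smtpd lines with or without a service name (postfix/smtps/smtpd[...]).
LINE = re.compile(r"postfix/(?:[\w-]+/)?smtpd\[(\d+)\]: (.*)")
AUTH = re.compile(r"sasl_method=([^,\s]+), sasl_username=([^,\s]+)")


def audit_sasl(log_text):
    """Return (username, sasl_method, inside_tls) for each authenticated session."""
    tls_pids = set()   # smtpd PIDs whose current connection has completed TLS
    results = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        pid, msg = m.groups()
        if msg.startswith(("connect from ", "disconnect from ")):
            tls_pids.discard(pid)          # new or finished connection: reset state
        elif "TLS connection established from" in msg:
            tls_pids.add(pid)
        else:
            auth = AUTH.search(msg)
            if auth:
                results.append((auth.group(2), auth.group(1), pid in tls_pids))
    return results


def cleartext_logins(log_text):
    """Usernames whose credentials were sent without a preceding TLS handshake."""
    return [user for user, _method, tls in audit_sasl(log_text) if not tls]


if __name__ == "__main__":
    for user, method, tls in audit_sasl(SAMPLE_LOG):
        print(f"{user}: {method} {'inside TLS' if tls else 'NO TLS SEEN'}")
```

Setting `smtpd_tls_auth_only = yes` in Postfix makes the server refuse AUTH outside TLS, so a client that does fall back to plaintext cannot log in at all.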

