ClearFoundation Tracker - ClearOS
View Issue Details
0006041ClearOSapp-smtp - SMTP Serverpublic2015-11-11 11:542020-11-13 05:22
user2 
NickH 
normalminoralways
closedfixed 
7.1.0 
 
0006041: Inconsistent approach to SMTP Authentication
If you have SMTP authentication disabled in the webconfig, it is still enabled for SMTPS (port 465) because of the line:
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
in master.cf.

I believe it should either be disabled (as the webconfig suggests) or enabled for STARTTLS (port 587) as well with:
submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
in master.cf

If it is enabled for STARTTLS as well then the webconfig should make it clear that it SMTP Authentication means port 25 only and that it is enabled anyway on port 465 (and 587).

Note SMTPS was never ratified as a standard so if only one secure method were enabled, arguably it should be STARTTLS and not SMTPS.

Ultimately it would be better to have a switch for each method of authentication.
No tags attached.
related to 0002271closed user2 Inconsistent approach to SMTP Authentication 
Issue History
2015-11-11 11:54user2New Issue
2015-11-11 11:54user2Issue generated from: 0002271
2015-11-11 11:54user2Relationship addedrelated to 0002271
2015-11-11 12:05user2Statusnew => confirmed
2015-11-12 12:54user2SummaryInconsistant approach to SMTP Authentication => Inconsistent approach to SMTP Authentication
2015-11-22 20:40user2Target Version7.1.0 Updates => 7.2.0 Updates
2016-07-07 13:24dloperTarget Version7.2.0 Updates => 7.3.0 Beta 1
2016-11-16 09:12user2Target Version7.3.0 Beta 1 => 7.3.0 Beta 1
2016-11-16 09:19user2Target Version7.3.0 Beta 1 =>
2020-11-13 05:22NickHStatusconfirmed => closed
2020-11-13 05:22NickHAssigned To => NickH
2020-11-13 05:22NickHResolutionopen => fixed

There are no notes attached to this issue.