ClearFoundation Tracker - ClearOS | ||||||||||
| View Issue Details | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | |||||
| 0006041 | ClearOS | app-smtp - SMTP Server | public | 2015-11-11 11:54 | 2020-11-13 05:22 | |||||
| Reporter | user2 | |||||||||
| Assigned To | NickH | |||||||||
| Priority | normal | Severity | minor | Reproducibility | always | |||||
| Status | closed | Resolution | fixed | |||||||
| Platform | OS | OS Version | ||||||||
| Product Version | 7.1.0 | |||||||||
| Target Version | Fixed in Version | |||||||||
| Summary | 0006041: Inconsistent approach to SMTP Authentication | |||||||||
| Description | If you have SMTP authentication disabled in the webconfig, it is still enabled for SMTPS (port 465) because of the line: smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes in master.cf. I believe it should either be disabled (as the webconfig suggests) or enabled for STARTTLS (port 587) as well with: submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes in master.cf If it is enabled for STARTTLS as well then the webconfig should make it clear that it SMTP Authentication means port 25 only and that it is enabled anyway on port 465 (and 587). Note SMTPS was never ratified as a standard so if only one secure method were enabled, arguably it should be STARTTLS and not SMTPS. Ultimately it would be better to have a switch for each method of authentication. | |||||||||
| Steps To Reproduce | ||||||||||
| Additional Information | ||||||||||
| Tags | No tags attached. | |||||||||
| Relationships |
| |||||||||
| Attached Files | ||||||||||
| Issue History | ||||||||||
| Date Modified | Username | Field | Change | |||||||
| 2015-11-11 11:54 | user2 | New Issue | ||||||||
| 2015-11-11 11:54 | user2 | Issue generated from: 0002271 | ||||||||
| 2015-11-11 11:54 | user2 | Relationship added | related to 0002271 | |||||||
| 2015-11-11 12:05 | user2 | Status | new => confirmed | |||||||
| 2015-11-12 12:54 | user2 | Summary | Inconsistant approach to SMTP Authentication => Inconsistent approach to SMTP Authentication | |||||||
| 2015-11-22 20:40 | user2 | Target Version | 7.1.0 Updates => 7.2.0 Updates | |||||||
| 2016-07-07 13:24 | dloper | Target Version | 7.2.0 Updates => 7.3.0 Beta 1 | |||||||
| 2016-11-16 09:12 | user2 | Target Version | 7.3.0 Beta 1 => 7.3.0 Beta 1 | |||||||
| 2016-11-16 09:19 | user2 | Target Version | 7.3.0 Beta 1 => | |||||||
| 2020-11-13 05:22 | NickH | Status | confirmed => closed | |||||||
| 2020-11-13 05:22 | NickH | Assigned To | => NickH | |||||||
| 2020-11-13 05:22 | NickH | Resolution | open => fixed | |||||||
| There are no notes attached to this issue. |