ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002271ClearOSapp-smtp - SMTP Serverpublic2015-03-22 12:042017-10-11 08:22
ReporterNickH 
Assigned Touser2 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionsuspended 
PlatformOSOS Version
Product Version6.6.0 
Target Version6.9.0 UpdatesFixed in Version 
Summary0002271: Inconsistent approach to SMTP Authentication
DescriptionIf you have SMTP authentication disabled in the webconfig, it is still enabled for SMTPS (port 465) because of the line:
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
in master.cf.

I believe it should either be disabled (as the webconfig suggests) or enabled for STARTTLS (port 587) as well with:
submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes
in master.cf

If it is enabled for STARTTLS as well then the webconfig should make it clear that it SMTP Authentication means port 25 only and that it is enabled anyway on port 465 (and 587).

Note SMTPS was never ratified as a standard so if only one secure method were enabled, arguably it should be STARTTLS and not SMTPS.

Ultimately it would be better to have a switch for each method of authentication.
TagsNo tags attached.
Attached Files

- Relationships
related to 0006041closedNickH Inconsistent approach to SMTP Authentication 

-  Notes
(0006641)
user2
2017-10-11 08:22

Still tracked in ClearOS 7 (0006041), but closing for ClearOS 6.

- Issue History
Date Modified Username Field Change
2015-03-22 12:04 NickH New Issue
2015-03-23 12:14 user2 Status new => acknowledged
2015-11-11 11:54 user2 Target Version => 6.8.0 Beta 1
2015-11-11 11:54 user2 Issue cloned: 0006041
2015-11-11 11:54 user2 Relationship added related to 0006041
2016-02-16 11:39 user2 Summary Inconsistant approach to SMTP Authentication => Inconsistent approach to SMTP Authentication
2016-06-09 08:34 user2 Target Version 6.8.0 Beta 1 => 6.8.0 Updates
2017-03-21 08:41 user2 Target Version 6.8.0 Updates => 6.9.0 Updates
2017-10-11 08:22 user2 Note Added: 0006641
2017-10-11 08:22 user2 Status acknowledged => closed
2017-10-11 08:22 user2 Assigned To => user2
2017-10-11 08:22 user2 Resolution open => suspended