Alexander Dalloz <ad+lists@uni-x.org> wrote:

Am Do, den 02.02.2006 schrieb spart cus um 16:36:

> Got it working now.Thanks for all the help. Im still
> on studying sasl for postfix. Is it more secure to
> limit the mech_list to just plain and login ? Im not
> using TLS support for this.

Do not propagate any mechanism which your server setup does not really
is able to handle. So restricting the offered mech list to plain and
login when using saslauthd is the proper thing to do.
You should protect the user's authentication data transmitted in
cleartext (just base64 encoded) over the wire by enforcing TLS.

Alexander

I've already limit my mech_list to plain and login. What about for TLS? I've google for it and it seems they are used for debian packages. Is there a good site for centos setup ? just like what i did on this, i've found a site setting up the mail server for centos but without the tls. dont want to mess up coz my mail server is already running well.tnx again for the helo.