It appears that roundcube is connecting to the local SMTP server over TLS, even though I explicitly set it to not use SSL or TLS:
// the mail host chosen to perform the log-in // leave blank to show a textbox at login, give a list of hosts // to display a pulldown menu or set one host as string. // To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// $rcmail_config['default_host'] = 'localhost';
Postfix logs showing the TLS connection being established, example.com replacing the innocent domains:
Oct 11 01:20:26 server2 postfix/smtpd[12765]: connect from localhost.localdomain[127.0.0.1] Oct 11 01:20:26 server2 postfix/smtpd[12765]: setting up TLS connection from localhost.localdomain[127.0.0.1] Oct 11 01:20:26 server2 postfix/smtpd[12765]: TLS connection established from localhost.localdomain[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Oct 11 01:20:26 server2 postfix/smtpd[12765]: 7D1563BD48: client=localhost.localdomain[127.0.0.1], sasl_method=LOGIN, sasl_username=russell@example.com Oct 11 01:20:26 server2 postfix/cleanup[12769]: 7D1563BD48: warning: header Subject: asdasddsa from localhost.localdomain[127.0.0.1]; from=russell@example.com to=rjones@example.com proto=ESMTP helo=<www.example.com>
I think it's great and all that it is so ambitious, but I was really hoping it would do what I told it to do :) What am I missing here? _______________________________________________ List info: http://lists.roundcube.net/users/
On Sun, 11 Oct 2009 01:21:48 -0500, Russell Jones rjones@eggycrew.com wrote:
It appears that roundcube is connecting to the local SMTP server over TLS, even though I explicitly set it to not use SSL or TLS:
// the mail host chosen to perform the log-in // leave blank to show a textbox at login, give a list of hosts // to display a pulldown menu or set one host as string. // To use SSL/TLS connection, enter hostname with prefix ssl:// or
tls://
$rcmail_config['default_host'] = 'localhost';
The reason is simple. PEAR::Net_SMTP library has no option to force plain connection. It uses TLS if server returns STARTTLS capability.
Could use http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keyword_address_ma... to ensure starttls isn't offered on 127.0.0.1