SASL Auth: force ssl/tls connections.

install_postfix_base.sh

@@ -602,20 +602,21 @@ if $SASL_AUTH ; then
 # Enable SASL authentication
 smtp_sasl_auth_enable = yes
 
+# Only offer SMTP AUTH when talking over an encrypted connection
+smtpd_tls_auth_only = yes
+
 # Forwarding to the ip-adress of host b.mx.oopen.de
 relayhost = [${RELAY_HOST}]
 
 # File including login data
 smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 
-# Force using a (TLS) security connection
-# obsulete - use smtp_tls_security_level instead
-#smtp_use_tls = yes
-#smtp_tls_enforce_peername = no
-smtp_tls_security_level = encrypt
-
 # Disallow methods that allow anonymous authentication.
 smtp_sasl_security_options = noanonymous
+smtpd_sasl_tls_security_options = \$smtpd_sasl_security_options
+
+# Report the SASL authenticated user name in the smtpd(8) Received message header. 
+smtpd_sasl_authenticated_header = no