The following lines were added (+) and removed (-):
=== Encryption ===SASL is able to provide a mechanism to authenticate remote users by username and password trying to relay mail. The mechanism has users sending their authentication information as plain unencrypted text. Because packets can be intercepted, and the username password combinations easily read, there is a need to encrypt the connection. Encryption options include SSL (Secure Sockets Layer) or TLS (Transport Layer Security) - note that SSL was renamed TLS by the IETF as of version 3.1. == Testing ==We know that SASL can use the PAM framework to authenticate credentials. We can test this. saslauthd -a pamPAM configuration for the Postfix SMTP server is usually given in /etc/pam.d/smtp saslauthd -a rimap -O mail.foo.comRemember that saslauthd sends IMAP login information unencrypted (see Encryption above). There is a testsaslauthd utility to test saslauthd authentication where a username and password are given as command line arguments. testsaslauthd -s smtp -u username -p password {{:Sparse Entry}}