PCI fail: Smartermail v15 plain text allowed port 25
Problem reported by Paul - July 25, 2016 at 11:47 AM
Submitted
After upgrading SM14 - SM15 (15.0.5962) we now fail PCI as plaintext login is allowed on Port 25.
 
- The relevant cipher suites are loaded (we are stil on TLS1.0 due to some software dependencies - annoying)
- Port 25 is configured for TLS (cert checks out)
- Allow relay for authenticated users is checked
- Enable domain's SMTP auth settings is checked
- Disable AUTH LOGIN is checked
 
However I can still telnet into a plaintext login on that port, so we fail PCI.  I remember that in SM14 the disable auth-login resolved the problem, and we passed PCI, but now the problem has re-emerged..I wonder has a bug crept in?

Reply to Thread