
Insecure auth – do we keep it commented out? #217

Closed
rimas-kudelis opened this issue Sep 4, 2016 · 2 comments

Comments

@rimas-kudelis
Collaborator

In #210 we had a conversation about whether or not to keep support for the AUTH_SERVER_ALLOW_NOTLS_PASSWORDS macro, which, if enabled, allows authentication over unsecured connections. The arguments in favor of this feature are that there might be scanners/copiers or other hardware which would need to send emails but don't support modern TLS ciphers. This is a good point, but I'm still reluctant to leave this feature as it is. Perhaps we could use a hostlist instead of a boolean variable, to make this insecurity possible, but only for selected hosts?

@Udera
Collaborator

Udera commented Sep 4, 2016

We could change the condition (with IP range):

      server_advertise_condition = ${if or{\
        {!eq{$tls_cipher}{}}\
        {match_ip {$sender_host_address}{@[]}}\
        {match_ip {$sender_host_address}{192.168.1.1/24}}\
        }\
        {*}{}}

or port (which needs to be opened):

      server_advertise_condition = ${if or{\
        {!eq{$tls_cipher}{}}\
        {match_ip {$sender_host_address}{@[]}}\
        {eq{$received_port}{8825}}\
        }\
        {*}{}}

Or we combine both? Only on a specific port from a specific IP range?

We can also remove this from the default configuration and move this feature to the documentation only.
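As an added illustration (not code from this project or from the commenters), the decision the two `server_advertise_condition` variants above encode, including the "combine both" option, written as a small Python policy model; `Session`, `LOCAL_INTERFACES`, `LEGACY_NET` and `LEGACY_PORT` are assumed stand-ins for `$tls_cipher`, `$sender_host_address`, `$received_port`, the `@[]` host item and the example range/port:

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Session:
    """Constructed stand-in for the Exim variables the condition reads."""
    tls_cipher: str            # "" when the connection is not TLS-protected
    sender_host_address: str   # $sender_host_address
    received_port: int         # $received_port


# Hypothetical local interface addresses, standing in for Exim's "@[]" host item.
LOCAL_INTERFACES = {"127.0.0.1", "::1", "192.168.1.10"}

# The thread's example range and port. Exim's match_ip masks 192.168.1.1/24
# to the 192.168.1.0/24 network, so that is what we model here.
LEGACY_NET = ipaddress.ip_network("192.168.1.0/24")
LEGACY_PORT = 8825


def advertise_plain_auth(s: Session, require_both: bool = True) -> bool:
    """Return True when the plaintext authenticator would be advertised.

    Mirrors the `${if or{...}{*}{}}` expansion: any true branch advertises.
    With require_both=True the exemption needs the specific port AND the
    specific range (the "combine both" proposal); with False either one
    suffices, as in the two separate examples.
    """
    if s.tls_cipher:                                    # {!eq{$tls_cipher}{}}
        return True
    if s.sender_host_address in LOCAL_INTERFACES:       # match_ip ... {@[]}
        return True
    in_net = ipaddress.ip_address(s.sender_host_address) in LEGACY_NET
    on_port = s.received_port == LEGACY_PORT            # {eq{$received_port}{8825}}
    return (in_net and on_port) if require_both else (in_net or on_port)


def plaintext_auth_exposure(sessions: list[Session]) -> list[Session]:
    """Audit helper: sessions that would get AUTH without TLS protection."""
    return [s for s in sessions if not s.tls_cipher and advertise_plain_auth(s)]
```

The audit helper makes the trade-off visible: every session it returns is one where a password could travel in the clear, so the exemption should stay as narrow as the hardware actually requires.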

@Udera
Collaborator

Udera commented Apr 3, 2017

Or we just remove it; we can put my examples in the wiki. If people really need it, they can put it there and we don't clutter our config files (hoping that it is not needed).
