I have a Plesk server using Qmail and spamdyke for SMTP - is there a way I can disable the "auth login" and "auth plain" options so clients are forced to send encrypted password? Or at least to only accept plain text password if using TLS?
We are failing PCI compliance scan becuase of the fact that the server accepts plain text passwords for SMTP auth.