Re: Attn: Normal people
smtpd := smtp daemon, actually, the process that you connect to with your email client (outlook, thunderbird, icedove, whatever) to send emails (via SMTP).
sasl := Simple Authentication and Security Layer
auth := authentication
enable := !disable
= := = or "equals"
yes := !no
Basically, it means that for the smtpd daemon, set the "simple authentication and strong security layer" to "enabled" for "authentication". Hope that helps ...
As for wrappermode ... I will quote the postfix TLS readme:
TLS is sometimes used in the non-standard "wrapper" mode where a server always uses TLS, instead of announcing STARTTLS support and waiting for remote SMTP clients to request TLS service. Some clients, namely Outlook [Express] prefer the "wrapper" mode. This is true for OE (Win32 < 5.0 and Win32 >=5.0 when run on a port<>25 and OE (5.01 Mac on all ports).
It is strictly discouraged to use this mode from main.cf. If you want to support this service, enable a special port in master.cf and specify "-o smtpd_tls_wrappermode=yes" (note: no space around the "=") as an smtpd(8) command line option. Port 465 (smtps) was once chosen for this feature.
Basically, email clients tend to issue a STARTTLS to the server to say "Heydo, I wanna talk encrypted, you support that, right?" Outlook uses a wrapper mode instead - postfix discourages you from using it in the readme, I could not find anything in the actual cf file or google explaining why. Apparently non-standard.
Also, you would have to watch with Outlook, sometimes it insists on sending cleartext passwords over the wire, because, well, it detected mail server is not exchange.