54582 - SMTP Service Cleartext Login Permitted

Can it be easily changed?

Should I look for this option here and what can I change the plaintext parameter to?


begin authenticators

driver = plaintext
public_name = LOGIN
hide client_send = : SMTP_RELAY_USER : SMTP_RELAY_PASS

Information from the scanner:

The remote host is running an SMTP server that advertises that it allows cleartext logins over unencrypted connections. An attacker may be able to uncover user names and passwords by sniffing traffic to the server if a less secure authentication mechanism (i.e. LOGIN or PLAIN) is used.
See Also

Configure the service to support less secure authentication mechanisms only over an encrypted channel.

Plugin Output

The SMTP server advertises the following SASL methods over an
unencrypted channel on port 587 :

All supported methods : LOGIN, PLAIN
Cleartext methods : LOGIN, PLAIN

Close port 587 and force the user to use 465 …

I can’t use 465.
I have to use 587.

I don’t use the email service on Hestia, nor do I use exim, but based on my postfix configuration of the submission service, which only accepts passwords after the STARTTLS verb, I would expect that such a configuration is possible in exim on Hestia.