[TriLUG] Securing Mail services
Tanner Lovelace
lovelace at wayfarer.org
Fri Jan 4 13:03:30 EST 2002
On Fri, 2002-01-04 at 08:21, Kevin - The Alchemist - Sonney wrote:
> But now I'd like to allow secure SMTP with SSL and User Login for
> relaying. Sure, it'll still listen on 25 for inbound mail, but now I'd
> like to let my users relay mail securely (with a login, of course).
Do you want to setup an SMTP server with STARTTLS or do you want
to run the SSL version on a different port (i.e. port 465, which
is the recommended one for SMTP over SSL)? Both ways are functionally
equivalent, but STARTTLS requires that help from the MTA while
SMTPS can be done with stunnel.
As far as user login is concerned, I'm running a version of qmail
with smtpauth patches to allow that and it works very well. (I also
run smtps, but not STARTTLS...) I believe postfix can be setup
with this (and the ssl stuff) fairly easily also.
Tanner
--
Tanner Lovelace | lovelace at wayfarer.org | http://wtl.wayfarer.org/
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
GPG Fingerprint = A66C 8660 924F 5F8C 71DA BDD0 CE09 4F8E DE76 39D4
GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
Those who are willing to sacrifice essential liberties for a little
order, will lose both and deserve neither. -- Benjamin Franklin
History teaches that grave threats to liberty often come in times
of urgency, when constitutional rights seem too extravagant to
endure. -- Justice Thurgood Marshall, 1989
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20020104/209c8361/attachment.pgp>
More information about the TriLUG
mailing list