|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Good high volume IMAP daemon
Subject: Re: Good high volume IMAP daemon
From: Terje Elde (telde
online.no)
Date: Sat Jan 22 2000 - 13:49:00 CST
- Next message: Andrew McNamara: "Virtual local delivery agent"
- Previous message: Bennett Todd: "Re: Good high volume IMAP daemon"
- In reply to: Bennett Todd: "Re: Good high volume IMAP daemon"
- Next in thread: Lutz Jaenicke: "Re: Good high volume IMAP daemon"
- Next in thread: Bennett Todd: "Re: Good high volume IMAP daemon"
- Reply: Terje Elde: "Re: Good high volume IMAP daemon"
- Reply: Lutz Jaenicke: "Re: Good high volume IMAP daemon"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
CC:'ing to the list as this could be of interest to others.
* Bennett Todd (betrahul.net) [000122 20:32]:
> 2000-01-22-09:04:01 Terje Elde:
> > > Now I just need to patch Courier-imap to log srcaddr:srcport, patch
> > > stunnel to log the originating port it uses when it connects to
> > > localhost:143 along with the originating IP addr (it already logs
> > > that), and I should be able to teach my pop-before-smtp script to
> > > tie this goo together for [s]imap-before-smtp.
> >
> > You don't need to do that. The users supporting imaps should be able to
> > support smtps as well.
>
> Smtps doesn't help me. I'm not worried about the confidentiality of
> the email; I'm worried about allowing legit users to relay email
> while blocking spammers. pop-before-smtp does this fine, from
> standard clients. I don't know of an smtp auth protocol that's
> widely enough implemented to be worth worrying about trying to use
> it.
What I was thinking is that if you run postfix on port 25, and a ssl
tunnel on port 465 (smtps port) then you could allow connections to both
ports for everyone, on port 25 you deny public relaying, but on port 465
you allow public relaying, but before you pass the connection down to port
25 you force the user to authenticate himself using ssl.
That way, you'd have a solution that would smtps capable clients to send
mail without problems.
As for widely implemented smtps protocols, how about outlook and netscape?
AFAIK they both support this.
For the config itself I know you could easily do it by setting a
environment variable if the connection came from 127.0.0.1 (which it would
when the ssl server connects to the smtp server), but I'm a bit unsure of
how to do this with postfix. Any bright ideas?
Terje Elde
- application/pgp-signature attachment: stored
- Next message: Andrew McNamara: "Virtual local delivery agent"
- Previous message: Bennett Todd: "Re: Good high volume IMAP daemon"
- In reply to: Bennett Todd: "Re: Good high volume IMAP daemon"
- Next in thread: Lutz Jaenicke: "Re: Good high volume IMAP daemon"
- Next in thread: Bennett Todd: "Re: Good high volume IMAP daemon"
- Reply: Terje Elde: "Re: Good high volume IMAP daemon"
- Reply: Lutz Jaenicke: "Re: Good high volume IMAP daemon"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Sat Jan 22 2000 - 14:07:50 CST