From: Alexander Hoogerhuis (alexhboxed.no)
Date: Thu Dec 13 2007 - 13:49:56 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Victor Duchovni wrote:
> On Thu, Dec 13, 2007 at 12:49:52PM -0500, Wietse Venema wrote:
>
>> Alexander Hoogerhuis:
>>> A quick question regarding postfix 2.4 and authentiation:
>>>
>>> Is there any similar mechinsm to smtp_sasl_password_maps that would
>>> allow postfix as a server to have a simple map of remote IP/network and
>>> user:pass stored, and not having to go through using full SASL?
>
> The simplest out-of-the-box solution is a TLS client cert and
> check_ccert_access. This gives you both a secure-channel for
> authentication and authentication in one step.
>

Thanks for the quick feedback. I did look into this and run a private CA
so I can issue client certs, but Exchange 2000/2003 looked troublesome
to implement as clients for postfix this way. I'd love to be proven
wrong, but that's the scope of some other list or forum. :)

-A

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]