Displaying 13 results from an estimated 13 matches for "tls_readm".
Did you mean:
tls_readme
2019 Dec 04
2
Forcing TLS for SMTP?
I have a goal of securing email. Updated the company mail server and DNS
(CentOS 7 + Postfix, otherwise pretty stock) with support for SPF, DKIM, and
DMARC. So far, all good, and everything "just works".
Our mail server has supported SMTP / TLS for a long time, but recently I've
been considering requring TLS all the time.
Is there anybody here who's done this? Has it
2013 Apr 06
1
replicator/dsync over tcp
...unless you put it into the CA dir (I don't know how exactly that works).
I did get tcps running in the meantime following:
1. http://www.zytrax.com/tech/survival/ssl.html ("Method 3" plus "Multi-Server Certificates")
2. postfix' documentation at http://www.postfix.org/TLS_README.html#server_cert_key (here I had to reverse order, meaning CA first)
3. pointing ssl_cert, ssl_key to relevant files in /<path-to>/ssl/ca/certs and /<path-to>/ssl/ca/private, respectively
4. ssl_client_ca_dir = /<path-to>/ssl/ca/certs
Question: Why is it neccessary to use ssl_c...
2010 Jul 30
3
relay access denied problem thru iphone imap auth
...S parameters
smtpd_tls_cert_file = /etc/ssl/certs/server.crt
smtpd_tls_key_file = /etc/ssl/private/server.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mydomain.com
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mydomain.com, localhost
mynetworks = 127.0.0...
2019 Dec 04
2
Forcing TLS for SMTP?
...rcing tls must not be used on public
facing mail servers.
So if you want to enforce tls to ensure encryption on purely internal
mail servers, that is fine but your external facing smtp servers must
not enforce tls.
See the Postfix tls documentation for more information:
http://www.postfix.org/TLS_README.html
2019 Dec 04
0
Forcing TLS for SMTP?
...facing mail servers.
>
> So if you want to enforce tls to ensure encryption on purely internal
> mail servers, that is fine but your external facing smtp servers must
> not enforce tls.
>
> See the Postfix tls documentation for more information:
>
> http://www.postfix.org/TLS_README.html
s there a useful defense against STARTTLS being stripped from unencrypted
communications?
https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks
Our company sometimes does business in countries hostile to encryption and if
there's a means to enforce this appropriately, I...
2015 Sep 02
0
Infra: (START)TLS support for centos.org MX nodes
...S support, traffic
between your SMTP server (or the one from your ISP, that you're using
as SMTP relay) and our servers will be encrypted.
* If not, it will still be sent in clear, as before
More information about "Opportunistic TLS" support for Postfix here :
http://www.postfix.org/TLS_README.html#client_tls_may
Should you encounter an issue, feel free to either report it on
https://bugs.centos.org, or in #centos-devel on irc.freenode.net.
on behalf of the Infra team,
- --
Fabian Arrotin
The CentOS Project | http://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab
-----BEGIN PGP S...
2012 Mar 12
1
Trouble adding sasl support via dovecot
...the impression from the baove sources that Postfix will then use
Dovecot's authentication mechanism via a socket it finds in its
private/auth subdirectory.
NOT documented in any of those places, someone suggested I must turn on
TLS. OK...
The documentation found here:
http://www.postfix.org/TLS_README.html
claims (intimates) that it's not possible to run a site on a self-signed
certificate, however, there's ZERO budget for a signed certificate, so
unless I can get one for ten bucks somewhere, that could be a
deal-breaker here. However, we've been using self-signed certificates for...
2012 Feb 08
1
TLS support on postfix
Hi List,
I have a postfix server based on CentOS 5 in which I have been trying to add TLS encryption support for SMTP.
From the localhost when I do an EHLO, following is the output
[root at xxxxxxx ~]# nc localhost 25
220 xxxxxxx.xxxx.xxx.xx ESMTP Postfix
EHLO localhost
250-xxxxxxx.xxxx.xxx.xx
250-PIPELINING
250-SIZE 41943040
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN
2007 Sep 06
2
asterisk voicemail to email and relaying
Hi list,
I'm trying to get some ideas on this subject.
Normally astersik sends emails with voicemail attached trough local MTA.
As far as i know there is no way for asterisk to authenticate to an external
mailserver to relay these emails.
Well, these days every provider has some sort of spam blocking, to add to
that usually users of asterisk are behid a dynamic IP with no PTR and list
grows
2010 Dec 04
3
passdb pam and userdb passwd "Authentication failure" errors
While using Ubuntu 10.10 + Dovecot 1.2.12 + Postfix 2.7.1-1:
To enable virtual accounts, I am using the
following /etc/dovecot/auth.d/virtualsomename.auth file:
passdb passwd-file {
args = /etc/dovecot/passwd
}
userdb static {
args = uid=vmail gid=vmail home=/home/vmail/%u
}
EOT
cat /etc/dovecot/passwd looks like this:
test:{PLAIN}pass
bill:{PLAIN}secret
timo at
2010 Aug 11
2
passwd(contact@akairnet.com, 91.121.76.71): unknown user
...le = /etc/ssl/certs/postfix.pem
smtpd_tls_key_file = /etc/ssl/private/postfix.pem
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_auth_only = yes
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mail.akairnet.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = mail.akairnet.com
mydestination = localhost, localhost.akairnet.com, akairnet.com
#local_recipient_maps =...
2013 Apr 12
4
Dovecot / Postfix
...# TLS parameters
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = pop3.companycouk.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = ccpop.itco.co, localhost, localhost.localdomain,
companycoServer1, comp...
2015 Sep 03
0
CentOS-announce Digest, Vol 127, Issue 2
...S support, traffic
between your SMTP server (or the one from your ISP, that you're using
as SMTP relay) and our servers will be encrypted.
* If not, it will still be sent in clear, as before
More information about "Opportunistic TLS" support for Postfix here :
http://www.postfix.org/TLS_README.html#client_tls_may
Should you encounter an issue, feel free to either report it on
https://bugs.centos.org, or in #centos-devel on irc.freenode.net.
on behalf of the Infra team,
- --
Fabian Arrotin
The CentOS Project | http://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab
-----BEGIN PGP S...