search for: tls_readme

Displaying 13 results from an estimated 13 matches for "tls_readme".

2019 Dec 04
2
Forcing TLS for SMTP?
I have a goal of securing email. Updated the company mail server and DNS (CentOS 7 + Postfix, otherwise pretty stock) with support for SPF, DKIM, and DMARC. So far, all good, and everything "just works". Our mail server has supported SMTP / TLS for a long time, but recently I've been considering requring TLS all the time. Is there anybody here who's done this? Has it
2013 Apr 06
1
replicator/dsync over tcp
...unless you put it into the CA dir (I don't know how exactly that works). I did get tcps running in the meantime following: 1. http://www.zytrax.com/tech/survival/ssl.html ("Method 3" plus "Multi-Server Certificates") 2. postfix' documentation at http://www.postfix.org/TLS_README.html#server_cert_key (here I had to reverse order, meaning CA first) 3. pointing ssl_cert, ssl_key to relevant files in /<path-to>/ssl/ca/certs and /<path-to>/ssl/ca/private, respectively 4. ssl_client_ca_dir = /<path-to>/ssl/ca/certs Question: Why is it neccessary to use ssl_ce...
2010 Jul 30
3
relay access denied problem thru iphone imap auth
...S parameters smtpd_tls_cert_file = /etc/ssl/certs/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = mydomain.com alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = mydomain.com, localhost mynetworks = 127.0.0....
2019 Dec 04
2
Forcing TLS for SMTP?
...rcing tls must not be used on public facing mail servers. So if you want to enforce tls to ensure encryption on purely internal mail servers, that is fine but your external facing smtp servers must not enforce tls. See the Postfix tls documentation for more information: http://www.postfix.org/TLS_README.html
2019 Dec 04
0
Forcing TLS for SMTP?
...facing mail servers. > > So if you want to enforce tls to ensure encryption on purely internal > mail servers, that is fine but your external facing smtp servers must > not enforce tls. > > See the Postfix tls documentation for more information: > > http://www.postfix.org/TLS_README.html s there a useful defense against STARTTLS being stripped from unencrypted communications? https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks Our company sometimes does business in countries hostile to encryption and if there's a means to enforce this appropriately, I...
2015 Sep 02
0
Infra: (START)TLS support for centos.org MX nodes
...S support, traffic between your SMTP server (or the one from your ISP, that you're using as SMTP relay) and our servers will be encrypted. * If not, it will still be sent in clear, as before More information about "Opportunistic TLS" support for Postfix here : http://www.postfix.org/TLS_README.html#client_tls_may Should you encounter an issue, feel free to either report it on https://bugs.centos.org, or in #centos-devel on irc.freenode.net. on behalf of the Infra team, - -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -----BEGIN PGP SI...
2012 Mar 12
1
Trouble adding sasl support via dovecot
...the impression from the baove sources that Postfix will then use Dovecot's authentication mechanism via a socket it finds in its private/auth subdirectory. NOT documented in any of those places, someone suggested I must turn on TLS. OK... The documentation found here: http://www.postfix.org/TLS_README.html claims (intimates) that it's not possible to run a site on a self-signed certificate, however, there's ZERO budget for a signed certificate, so unless I can get one for ten bucks somewhere, that could be a deal-breaker here. However, we've been using self-signed certificates for a...
2012 Feb 08
1
TLS support on postfix
Hi List, I have a postfix server based on CentOS 5 in which I have been trying to add TLS encryption support for SMTP. From the localhost when I do an EHLO, following is the output [root at xxxxxxx ~]# nc localhost 25 220 xxxxxxx.xxxx.xxx.xx ESMTP Postfix EHLO localhost 250-xxxxxxx.xxxx.xxx.xx 250-PIPELINING 250-SIZE 41943040 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN
2007 Sep 06
2
asterisk voicemail to email and relaying
Hi list, I'm trying to get some ideas on this subject. Normally astersik sends emails with voicemail attached trough local MTA. As far as i know there is no way for asterisk to authenticate to an external mailserver to relay these emails. Well, these days every provider has some sort of spam blocking, to add to that usually users of asterisk are behid a dynamic IP with no PTR and list grows
2010 Dec 04
3
passdb pam and userdb passwd "Authentication failure" errors
While using Ubuntu 10.10 + Dovecot 1.2.12 + Postfix 2.7.1-1: To enable virtual accounts, I am using the following /etc/dovecot/auth.d/virtualsomename.auth file: passdb passwd-file { args = /etc/dovecot/passwd } userdb static { args = uid=vmail gid=vmail home=/home/vmail/%u } EOT cat /etc/dovecot/passwd looks like this: test:{PLAIN}pass bill:{PLAIN}secret timo at
2010 Aug 11
2
passwd(contact@akairnet.com, 91.121.76.71): unknown user
...le = /etc/ssl/certs/postfix.pem smtpd_tls_key_file = /etc/ssl/private/postfix.pem smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_tls_auth_only = yes # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = mail.akairnet.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = mail.akairnet.com mydestination = localhost, localhost.akairnet.com, akairnet.com #local_recipient_maps =...
2013 Apr 12
4
Dovecot / Postfix
...# TLS parameters smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = pop3.companycouk.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = ccpop.itco.co, localhost, localhost.localdomain, companycoServer1, compa...
2015 Sep 03
0
CentOS-announce Digest, Vol 127, Issue 2
...S support, traffic between your SMTP server (or the one from your ISP, that you're using as SMTP relay) and our servers will be encrypted. * If not, it will still be sent in clear, as before More information about "Opportunistic TLS" support for Postfix here : http://www.postfix.org/TLS_README.html#client_tls_may Should you encounter an issue, feel free to either report it on https://bugs.centos.org, or in #centos-devel on irc.freenode.net. on behalf of the Infra team, - -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -----BEGIN PGP SI...