[opensuse] 11.1 as full mail server
Hello, It's not the first time I ask questions about this, but I slowly go forward (and sometime back :-(), so it may be good to try to ask again. I try to build a small mail server with a 11.1 install. IP/Domain name of it's own. Right now postfix, dovecot, pop-before-smtp Summary here: http://dodin.org/wiki/index.php?n=Doc.OpenSUSE-small-server only openSUSE recent page is this one: http://en.opensuse.org/Mail_server_HOWTO right now, I only can receive the messages sent to this server and fetch them from my home (that is the essential work), but with plain text authentification. I *can* use TLS to fetch the mail, but even when I have said I can trust the self made certificate, Thunderbird keep asking me at each connection (any 10 minutes!) so it's not usable. * how can I fetch may mail securely without this problem (I can use pop3, imap, pop3s or imaps)? * I would like to use my server to send mails from my home (true smtp server). How can I do this, knowing y home moves (my home=my laptop). I can't get pop-before-smtp work thanks jdd -- http://www.dodin.net http://valerie.dodin.org http://news.opensuse.org/2009/04/13/people-of-opensuse-jean-daniel-dodin/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
jdd wrote:
I *can* use TLS to fetch the mail, but even when I have said I can trust the self made certificate, Thunderbird keep asking me at each connection (any 10 minutes!) so it's not usable. * how can I fetch may mail securely without this problem (I can use pop3, imap, pop3s or imaps)?
I think you need a certificate with no password.
* I would like to use my server to send mails from my home (true smtp server). How can I do this, knowing y home moves (my home=my laptop). I can't get pop-before-smtp work
I've been using pop-before-smtp for 2-3 years, it works very well. If that is sufficient, let's fix your setup. If not, I would suggest using SASL. I've recently set up a mail-server relay with SASL, it wasn't too difficult. /Per -- Per Jessen, Zürich (20.8°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
jdd wrote:
I *can* use TLS to fetch the mail, but even when I have said I can trust the self made certificate, Thunderbird keep asking me at each connection (any 10 minutes!) so it's not usable.
---- There's an app for that... Er, T-Bird extension: "Remember Mismatch Somains" -- "Adds a 'don't ask me again' option to the Domain Name Mismatch Security Error window. Works like a charm for self-made security cert warnings as well. It logs your site as a special exception and you don't get the warning anymore. https://addons.mozilla.org/en-US/thunderbird/search?q=Remember+Mismatched+Domains&cat=all
* how can I fetch may mail securely without this problem (I can use pop3, imap, pop3s or imaps)?
---- I use it with imaps. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Linda Walsh a écrit :
It logs your site as a special exception and you don't get the warning anymore.
https://addons.mozilla.org/en-US/thunderbird/search?q=Remember+Mismatched+Domains&cat=all
very good! thanks jdd -- http://www.dodin.net http://valerie.dodin.org http://news.opensuse.org/2009/04/13/people-of-opensuse-jean-daniel-dodin/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
jdd wrote:
I *can* use TLS to fetch the mail, but even when I have said I can trust the self made certificate, Thunderbird keep asking me at each connection (any 10 minutes!) so it's not usable.
Actually, was just thinking. If you setup your self as your own Root signer, and sign your key, you should be able to import your Root key as a trusted signer (!* somehow *!). Companies do it for internal use all the time -- they may want to encrypt communications internally, and inside the company -- they can trust themselves as 'root signers'. Only thing you have to be careful of is allowing your root-signing key to get out into enemy hands..but that should be unlikely provided you don't put it out on the internet for the taking... maybe store it on a USB key you keep under your mattress -- or wherever you store things you are trying to hide--but just laying in a drawer -- unless someone breaks into your place, you are likely pretty safe. I don't remember the process, but I did it one time in the past -- and usually have to figure out how to redo it all over again everytime I want to generate a new valid key. I just use the openssl documentation.... linda -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Linda Walsh a écrit :
jdd wrote:
I *can* use TLS to fetch the mail, but even when I have said I can trust the self made certificate, Thunderbird keep asking me at each connection (any 10 minutes!) so it's not usable.
Actually, was just thinking. If you setup your self as your own Root signer, and sign your key, you should be able to import your Root key as a trusted
yes, I know, I tried to do so, but it's a config nightmare :-( I gave up and will try your other trick thanks jdd -- http://www.dodin.net http://valerie.dodin.org http://news.opensuse.org/2009/04/13/people-of-opensuse-jean-daniel-dodin/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
jdd
-
Linda Walsh
-
Per Jessen