Am Montag, 5. April 2004 14:50 schrieb Markus Feilner:
Hello List, First of all thanks to all the helpful people out there! I have postfix, cyrus and saslauthd running on a suse 9.0 box. postfix and cyrus use tls and sslauthd to authenticate users against pam. In my /etc/pam.d/smtp and imap files i have working definitions for active directory/samba3/winbind, so that both local linux users and windows users can access the mailserver.
But: With this combination, only few possibilities are left for encryption: - imap is sort of ok (I hope), since this is manged over ssl, however I would prefer cramd or digest encryption additionally. But I was told: this does not work not with saslauthd and pam. Why?
- If I activate tls in postfix, local delivery to cyrus fails with the message: MUST ISSUE A STARTTLS COMMAND.
So my questions are: 1) How can I make my setup more secure? 2) How can I setup postfix with cyrus and tls and working local delivery? I can send relevant config files, if you wish. -- Mit freundlichen Grüßen Markus Feilner -- Linux Solutions, Training, Seminare und Workshops - auch Inhouse Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg fon: +49 941 70 65 23 - mobil: +49 170 302 709 2 web: http://feilner-it.net mail: mfeilner@feilner-it.net Sorry, i was not precise enough: I am also using postfix-amavis-clamd, and the error about STARTTLS is as follows:
amavis[4769]: (XXZeTx4P) mail_via_smtp: 530 5.5.0 Rejected by MTA: 530 Must issue a STARTTLS command first, id=XXZeTx4P It comes from amavis... I tried to fix it in master.cf with " -o smtpd_use_tls=no" in the line where the smtpd on port 10025 is started, without success. Any ideas? Thank you! -- Mit freundlichen Grüßen Markus Feilner -- Linux Solutions, Training, Seminare und Workshops - auch Inhouse Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg fon: +49 941 70 65 23 - mobil: +49 170 302 709 2 web: http://feilner-it.net mail: mfeilner@feilner-it.net