On Fri, 2003-01-24 at 11:01, Peter William Lount wrote:
> How can courier be setup to allow "valid esmtpd reception (with and without
> SSL/TLS)" while also allowing "encrypted (SSL/TLS) ONLY authorized relaying"
> (from any ip address)?
...
> A) One solution that has been proposed is to run another courieresmtpd
> daemon on port 465. However there is confusion over wether or not this port
> is still in use.
Courier supports it. Most mail clients do, too. If your customers use
such clients, then this whole thing is easy to solve: configure their
clients to use the alternate port and only configure authentication for
the esmtpd-ssl service.
It's also possible to configure ESMTPAUTH="" and ESMTPAUTH_TLS="PLAIN
LOGIN". Courier will then not advertise the AUTH methods until a TLS
session has begun, but most clients will choke when they connect and
don't see the available AUTH methods immediately. I don't think that's
really a fault of Courier.
> It seems that port 25 is used for both plain text and
> encrypted (SSL/TLS) esmtp sessions. If this is the case then mustn't a
> single courieresmptd daemon can only run on the port that handles both plain
> text and encrypted sessions? Does the current courieresmtpd daemon allow for
> the desired configuration discussed above?
It doesn't, but if you want to patch it to lie about its AUTH methods
immediately, it would be pretty simple. You only need to edit
courier/module.esmtp/courieresmtpd.c. Around line 1073, you'll find:
if (tls && (q=getenv("ESMTPAUTH_TLS")) != 0 &&
*q)
;
else
q=getenv("ESMTPAUTH");
Change it like so:
else
{
addiovec_error(NULL, "535 Authentication requires SSL.");
free(buf);
continue;
}
I think that'll work... ;)
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
