i am a newbiee in freebsd an i am trying to set up af mail server with postfix mysql amavis razor squirrelmail sasl imap
i have tryed to follow this link http://www.littlewhitedog.com/reviews_other_00029.asp but i had to skeep the the start and whent on to installing the progs going to harden it later first i want it to work Also add this in the beginning of your recipient restrictions ($:~)=> permit_sasl_authenticated, this wrong but what shall there stand then ($:~)=> dd if=/dev/urandom of=/etc/postfix/ssl/post.rand count=1 2>/dev/null and the answer is dd: unknown oprand 2 Cyrus SASL/TLS And Postfix SSL let's get SASL2 Installed now. ($:~)=> cd /usr/ports/security/cyrus-sasl2 ; make install clean Now go ahead and edit postfix's main.cf so we can tell it to start utilizing the TLS features. Add in the following somewhere near the bottom: #TLS smtp_use_tls = yes smtpd_use_tls = yes smtpd_tls_auth_only = yes smtp_tls_note_starttls_offer = yes smtpd_tls_key_file = /etc/postfix/ssl/post.pem smtpd_tls_cert_file = /etc/postfix/ssl/post.pem smtpd_tls_CAfile = /etc/postfix/ssl/post.pem smtpd_tls_loglevel = 3 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom enable_sasl_authentication = yes smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = broken_sasl_auth_clients = yes Also add this in the beginning of your recipient restrictions ($:~)=> permit_sasl_authenticated, Here we create our postfix SSL Stuff ($:~)=> mkdir /usr/local/etc/postfix/ssl ($:~)=> chmod 700 /usr/local/etc/postfix/ssl Next we create our SSL certificates for postfix ($:~)=> cd /usr/local/etc/postfix/ssl ($:~)=> vi pst.cnf The contents of pst.cnf are: RANDFILE = /etc/postfix/ssl/post.rand [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type prompt = no [ req_dn ] C=countryName Two letters! ST=stateOrProvinceName L=localityName O=organizationName OU=OrganizationalUnitName CN=commonName emailAddress=emailAddress [ cert_type ] nsCertType = server Be sure to enter the correct options. Next we generate our SSL certificates. ($:~)=> dd if=/dev/urandom of=/etc/postfix/ssl/post.rand count=1 2>/dev/null WITH REGARDS MARTIN M _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
