On Fri, Aug 03, 2018 at 01:33:03AM +0200, ѽ҉ᶬḳ℠ wrote: > Neither is utilizing dovecot's native lmpts stack though and adding > (unnecessary) complexity to the network. > postfix has ltmps implemented and perhaps the smptd developers may > consider to follow suit some day.
Someone asking developers to add TLS to a daemon for a protocol that is meant to be ran *locally* or on a trusted network, while complaining that the proposed alternatives add unnecessary complexity. Oh the irony... Even if you insist on running something called "local" on a different host, you have presented yet another possible solution yourself: a VLAN. If you really really really need TLS then you'll probably be better off running a different instance of smtpd on the dovecot host, with an extremely simple config that does nothing else than listening on 25 using TLS and delivering everything via lmtpd. There are plenty of solutions. Unfortunately for you, nearly all of them require that it is you that handle the complexity *you* require, instead of offloading it to the devs. Cheers Zé > > I can recommend lmtp over spiped, works great. > >> You could probably use ssh to tunnel it or something similar. > >>> Sure and makes certainly sense, but you can still have (V)LAN servers > >>> with different subnets and not necessarily everything on a single > >>> server/subnet. > >>>> from the lmtp rfc > >>>> > >>>> Â Â Â The LMTP protocol SHOULD NOT be used over wide area networks. > >>>>>> You don't really need to do secure lmtp because lmtp primarily runs on > >>>>>> a trusted network anyway. In fact, if you're running smtp and dovecot > >>>>>> on the same server, just use lmtp over a Unix domain socket. > >>>>>>> dovecot supports TLS over LMTP(S). Been searching the net but could > >>>>>>> not > >>>>>>> find a trace about smtpd support for lmtps and hence wondering whether > >>>>>>> such implemented? > >>>> > >>> > > > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
