Re: [courier-users] Authenticate Clients via TLS client cert
Bernd Wurst writes: Hello, I'm struggling with the question if it is possible to authenticate clients (optionally) with a client certificate. I found some docs about dovecot implementing this [1] and was wondering if courier (SMTP) could also be used with this? I could not find something about it in the docs. The desired use would be that we operate a local CA and issue certificates that contain a user name (e-mail-address) as common name and courier authenticates this certificate as the given user, so that logging and processing will continue have the sender's data. [1]: "Client certificate verification/authentication", half way down at https://wiki.dovecot.org/SSL/DovecotConfiguration http://www.courier-mta.org/install.html#sslcert Also described further in the esmtpd-ssl configuration file, under TLS_EXTERNAL. For this to work, the certificate subject needs to specify whatever would be used for the login ID when authenticating manually. pgpi8XcrDFBKM.pgp Description: PGP signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] Authenticate Clients via TLS client cert
Hello, I'm struggling with the question if it is possible to authenticate clients (optionally) with a client certificate. I found some docs about dovecot implementing this [1] and was wondering if courier (SMTP) could also be used with this? I could not find something about it in the docs. The desired use would be that we operate a local CA and issue certificates that contain a user name (e-mail-address) as common name and courier authenticates this certificate as the given user, so that logging and processing will continue have the sender's data. [1]: "Client certificate verification/authentication", half way down at https://wiki.dovecot.org/SSL/DovecotConfiguration regards, Bernd signature.asc Description: OpenPGP digital signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] New releases of Courier packages.
Download: http://www.courier-mta.org/download.html New releases of courier, courier-unicode, courier-authlib, courier-imap, sqwebmail, maildrop, and cone packages. Changes: - The courier-unicode library updated to use C++11 unicode features. - Some SMTP connection failures were not reported correctly. - maildir quota calculation will ignore symbolic links to folders. - Fix TLS peer hostname verification issue caused by CNAME records. - Do not use ANY queries for DNSBL lookups. - Fix compilation errors with OpenSSL 1.1.0. - Include several Debian patches. pgpn8714cb_qg.pgp Description: PGP signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users