Re: [xmail] ask about smtp authentication with openldap database via XMail service.

2015-08-04 Thread David Lord via xmail 

On 4 Aug 2015 at 4:26, Watthanachai Kekhua via xmail wrote:

 Dear XMail members,
 
 Right now we use about XMail as MTA and we would like to use SMTP 
 authentication with ldap DB (openldap) .
 And in the manual said about add username (email address ) + password in to 
 file MAILUSERS.TAB.
 
 So we would like to ignore this kind of case due to security issue show 
 password field and then
 We would like to point authentication method to our ldap server instead such 
 as integrate with cyrussasl something like this,
 could you kindly guide us about setting configure on XMail to support ldap DB 
 ?
 
 Please do not hesitate to contact us , If you have any questions .
 Best Regards.
 
 #  Watthanachai KEKHUA (Golf)
 #  Operation And Maintenance Department (OAM)
 #  Tel: 02-2367227 Ext. 1624
 #  NTT Communications (Thailand) Co., Ltd.
 #
 
 DISCLAIMER :
 This email is for the use of the intended recipient(s) only.
 If you have received this email in error, please notify the sender 
 immediately and then delete it.
 If you are not the intended recipient, you must not keep, use, disclose, copy 
 or distribute this email without the author's prior permission.
 We have taken precautions to minimise the risk of transmitting software 
 viruses, but we advise you to carry out your own virus checks on any 
 attachment to this message.
 We cannot accept liability for any loss or damage caused by software viruses.
 The information contained in this communication may be confidential and may 
 be subject to the attorney-client privilege.
 If you are the intended recipient and you do not wish to receive similar 
 electronic messages from us in future then please respond to the sender to 
 this effect.
 
 



Hi

logged in as my general admin user:

bash-4.3$ ls -l /var/MailRoot/
ls: acv: Permission denied
ls: aliasdomain.tab: Permission denied
...
ls: userauth: Permission denied
ls: userdef.tab: Permission denied

bash-4.3$ ls -l /var/MailRoot/mailusers.tab 
ls: /var/MailRoot/mailusers.tab: Permission denied


mailusers.tab:
domain[TAB]account[TAB]enc-passwd[TAB]account-
id[TAB]accountt-dir[TAB]account-type

also maybe your security risk
enc-passwd is encrypted, eg: 0123456789abcdef 


It's possible to add hooks to external utilities, eg: openssl,
spam-assassin. See xmail.txt.

I've not changed my config since around 2004 but xmail and 
supporting programs are rebuilt fairly regularly, some along
with base OS, some with pkgsrc and a few, including xmail in
 /usr/local/sources.


David


___
xmail mailing list
xmail@xmailserver.org
http://xmailserver.org/mailman/listinfo/xmail

Re: [xmail] thx to xmail and its author

2015-05-16 Thread David Lord via xmail 
On 16 May 2015 at 16:00, U.Mutlu via xmail wrote:

 Hi folks,
 
 I'm using xmail for a long time now (maybe 7 yrs), and I'm still
 very satisfied with it. OTOH I must admit I'm using it only for
 a small number of users, and I've used (before xmail)
 only one other mail-system (it was qmail iirc).
 
 I'm using a self-compiled version of xmail (the crippled version
 in the debian repository I tried about 2 yrs ago was unusable
 due to cfg-files spread around to many OS-system dirs;
 I like it compact under a single app-dir and its subdirs).
 
 The only thing I don't like much is the usage of TAB as delimiter in the 
 cfg-files.
 
 What I would like to ask is:
 
 - What are the shortcomings or missing features other
users experience with xmail?
 - What about the new developments regarding ssl and
crypto since Snowden,
and their relevance to xmail?
 - What new features should xmail have implemented?

Hi

I started using xmail around 2005 and at that time
also had about four remote users.

Main system here changed over time and is currently
NetBSD. When a security vulnerability relevant to my
setup is announced I rebuild the main base system, 
ntpd, xmail and other affected packages. XMail uses
a few third party programs that are from either base
system, NetBSD pkgsrc or local imports. 

I've always been setup so that a delay is introduced
so that email from point and shoot mailers or
mailers that don't retry isn't received but 
unfortunately hotmail is currently one of those.


David


___
xmail mailing list
xmail@xmailserver.org
http://xmailserver.org/mailman/listinfo/xmail