Amitai Schlair wrote:
> I've been happily using tmda-ofmipd wrapped with stunnel on port
> 465 (SMTPS) for quite some time. Upon noticing and reading through
> the ofmipd-stunnel-xinetd example in the TMDA distribution, I
> decided to also support TLS on port 587. In my case, it turned out
> to be quite a bit simpler than the example, so I wanted to report
> on my findings here.
> 
> Given:
> * a long-running tmda-ofmipd on localhost:8025
> * a long-running stunnel on port 465 hooked up to tmda-ofmipd

The purpose of the wrapper scripts etc. was:

1) To allow tmda-ofmipd to see the real client IP address (via the
environment variables that stunnel sets up), rather than simply
reporting all connections as being from localhost.

2) This specifically requires avoiding a daemon tmda-ofmipd running all
the time; each tmda-ofmipd instance must be launched as a child of
stunnel to pass the environment variables over.

Even with the above, one could probably run a permanent stunnel daemon
rather than spawning it from xinetd, to avoid one of the steps. Still, a
lot of other stuff I have runs under xinetd, so I did that for consistency.

If you don't care about the localhost connection issue, then yes, just
running a tmda-ofmipd and stunnel daemon all the time may well be easier.
_____________________________________________
tmda-users mailing list (tmda-users@tmda.net)
http://tmda.net/lists/listinfo/tmda-users
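
The two setups contrasted in this message, written out as a stunnel configuration. This is an added example, not part of the original post or of the TMDA distribution; the certificate path, the service names and the wrapper script path are placeholders, and the wrapper stands in for whatever starts a single tmda-ofmipd session.

```ini
; Constructed stunnel configuration showing two alternative ways to serve
; port 465. Only one of the two services can be enabled at a time, because
; both accept on the same port.

; Placeholder certificate path
cert = /etc/stunnel/mail.pem

; (a) Proxy mode: stunnel decrypts and forwards to the long-running
; tmda-ofmipd on localhost:8025. The daemon only ever sees a TCP peer of
; 127.0.0.1, so logs and any address-based checks lose the real client.
;[smtps-proxy]
;accept = 465
;connect = 127.0.0.1:8025

; (b) Exec mode: stunnel starts one child process per TLS connection and
; speaks to it over stdin/stdout. stunnel sets REMOTE_HOST in the child's
; environment to the connecting client's address, which is how the child
; can report the real client IP instead of localhost.
[smtps-exec]
accept = 465
; Hypothetical wrapper that launches one tmda-ofmipd instance for this
; connection and inherits the environment stunnel provides.
exec = /usr/local/bin/ofmipd-session-wrapper
execargs = ofmipd-session-wrapper
```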