Stephen Warren <[EMAIL PROTECTED]> writes: > Amitai Schlair wrote: >> I've been happily using tmda-ofmipd wrapped with stunnel on port >> 465 (SMTPS) for quite some time. Upon noticing and reading through >> the ofmipd-stunnel-xinetd example in the TMDA distribution, I >> decided to also support TLS on port 587. In my case, it turned out >> to be quite a bit simpler than the example, so I wanted to report >> on my findings here. >> >> Given: >> * a long-running tmda-ofmipd on localhost:8025 >> * a long-running stunnel on port 465 hooked up to tmda-ofmipd > > The purpose of the wrapper scripts etc. was: > > 1) To allow tmda-ofmipd to see the real client IP address (via the > environment variables that stunnel sets up), rather than simply > reporting all connections as being from localhost. > > 2) This specifically requires avoiding a daemon tmda-ofmipd running all > the time; each tmda-ofmipd instance must be launched as a child of > stunnel to pass the environment variables over. > > Even with the above, one could probably run a permanent stunnel daemon, > rather than spawning it from xinetd to avoid one of the steps. Still, a > lot of other stuff I have runs under xinetd, so I did that for consistency. > > If you don't care about the localhost connection issue, then yes, just > running a tmda-ofmipd and stunnel daemon all the time may well be easier.
Could Amitai's simpler example be added to contrib in the appropriate place? _____________________________________________ tmda-users mailing list (tmda-users@tmda.net) http://tmda.net/lists/listinfo/tmda-users
