The risk of someone bothering to parse packets and retrieve your
passwords in order to gain access to user email is, I think, extremely
small unless you have information that people really want to read, in
which case it is easy to do.
In other words, almost anyone can get a password from
Is it possible to poll a database (postgresql) for an IP address to
authenticate SMTP sending?
A user checks their email. Their IP is logged in the database. When they
try to send an email through XMail, could you use a script in
userauth/smtp to authenticate based on the IP? It doesn't seem
The risk of someone bothering to parse packets and retrieve your
passwords in order to gain access to user email is, I think, extremely
small unless you have information that people really want to read, in
which case it is easy to do.
In other words, almost anyone can get a password from
Well thank you. I will work on it some more. I have now a filter and
tab in place, but it says to be sure that spamd si running and I have
no way of knowing how to start it or what not.
I have run SpamAssassin with ActivePerl
and Spamd.bat (to run is simple. double click from explorer)
Ross, postmaster is a user just like any other. You will need to create it
or add it as an alias to another user.
Rob: -)
Rob Arends wrote:
Are you sure the postmaster account isn't
'[EMAIL PROTECTED]'
Rob: -)
In this case, is postmaster a system user or an XMail user? I have not
added
I think you missed to create some XMail domains and/or accounts ...
Remember that XMail don't use ANY system account (except the one defined to
run xmail itself...)
Nor xmail comes with any domain (except a sample) nor xmail create any
domain based on os level computer name
Nor xmail comes with
I would like to protect the email.
Are there other (or better) forms of encryption (or other approaches)
available in XMail?
There is always PGP and the like..
-darren
-
To unsubscribe from this list: send the line unsubscribe xmail in
the body of a message to [EMAIL PROTECTED]
For
You might consider using stunnel. I think it's available for Windows
(definitely for GNU/Linux).
Adrian Hicks
On Friday 09 September 2005 14:50, Jeff Buehler wrote:
The risk of someone bothering to parse packets and retrieve your
passwords in order to gain access to user email is, I
Am 9.9.2005 schrieb Adrian Hicks [EMAIL PROTECTED]:
You might consider using stunnel. I think it's available for Windows
(definitely for GNU/Linux).
Yes it is!
Can be found here:
http://www.stunnel.org/download/binaries.html
But using stunnel is preferred using SSL secured IRC connections -
As far as I know stunnel can provide a secure tunnel for any TCP port.
I've used it for secure LDAP connections in the past.
Adrian Hicks
On Friday 09 September 2005 17:55, [EMAIL PROTECTED] wrote:
Am 9.9.2005 schrieb Adrian Hicks [EMAIL PROTECTED]:
You might consider using stunnel. I
On 09.09.2005 11:55, [EMAIL PROTECTED] wrote:
Am 9.9.2005 schrieb Adrian Hicks [EMAIL PROTECTED]:
You might consider using stunnel. I think it's available for Windows
(definitely for GNU/Linux).
Yes it is!
Can be found here:
http://www.stunnel.org/download/binaries.html
But using
Am 9.9.2005 schrieb Sönke Ruempler [EMAIL PROTECTED]:
works for wrapping every tcp connection :)
I know that. But did u try it out?
There are lots of sites in the wild, where troubles are explained using
Stunnel.
But well, it might work - give it a try Ross.
--
Regards,
Alexander 'xaitax'
[EMAIL PROTECTED] wrote on Friday, September 09, 2005 12:16
PM:
Am 9.9.2005 schrieb Sönke Ruempler [EMAIL PROTECTED]:
works for wrapping every tcp connection :)
I know that. But did u try it out?
There are lots of sites in the wild, where troubles are explained
using Stunnel.
Yes i
Am 9.9.2005 schrieb Sönke Ruempler [EMAIL PROTECTED]:
Yes i did, even with XMail some time ago.
I never said, it won't work - I only mentioned, that stunnel causes
often problems.
I also wrote, that he could try it out and then he will see if it works -
or won't.
--
Regards,
Alexander
Ross:
Maybe I'm not understanding what you're asking for, but XMail does this sort
of thing already without using a database - look in the README for
[EnableAuthSMTP-POP3] (which is on by default), check the command-line
parameter -Se (controls how long an IP address is valid based on POP3
It would be nice to get SSL working with XMail - if I can get some time
together today, Ross, I will try compiling the SSL patch for XMail 1.21
under FreeBSD 5.4, and see if I can get it working.
Jeff
Alexander Hagenah wrote:
Am 9.9.2005 schrieb Sönke Ruempler [EMAIL PROTECTED]:
Yes i
Alas, I'm on FreeBSD! Is there Linux stunnel?
PGP would protect the mail itself, but is a separate issue from securing
SMTP Auth, no? What I'm trying to do right now is protect the ACCOUNT
INFORMATION.
Even if it's unlikely that someone would sniff my users' packets, what's
to stop a spammer
Wow, that would be great! Also, the current openssl is 0.9.7g, what
version should I be using? Do you need any more information from me?
Also, I'm on FreeBSD 5.3, think it will still work?
Someone suggested md5 passwords, but this is client-dependent. I use
Thunderbird on Mac OS 10.4. I have
Well, that was easy! It compiled and linked without difficulty on my
FreeBSD 5.4 platform. My openssl is version 0.9.7e, however ... try
upgrading to that and see if you have better luck...
Jeff
Ross Gohlke wrote:
I have tried to install the patch linked from the XMail homepage:
By the way, while it is possible, I think the likelihood of spammers
going to the effort to retrieve packets to use your server for spamming
is extremely low. I have never heard of anyone going to the effort to
sniff packets simply to spam on commercial servers - none of the big
commercial
On FreeBSD there is a port of stunnel: /usr/ports/security/stunnel
Jeff
Ross Gohlke wrote:
Alas, I'm on FreeBSD! Is there Linux stunnel?
PGP would protect the mail itself, but is a separate issue from securing
SMTP Auth, no? What I'm trying to do right now is protect the ACCOUNT
-Message d'origine-
De : Ross Gohlke [mailto:[EMAIL PROTECTED]
Envoyé : vendredi 9 septembre 2005 17:45
À : xmail@xmailserver.org
Objet : [xmail] Re: XMail + SSL patch
Alas, I'm on FreeBSD! Is there Linux stunnel?
PGP would protect the mail itself, but is a separate issue
Jeff Buehler wrote:
By the way, while it is possible, I think the likelihood of spammers
going to the effort to retrieve packets to use your server for spamming
is extremely low. I have never heard of anyone going to the effort to
sniff packets simply to spam on commercial servers - none of
You should ALWAYS be able to tell if someone is abusing your system by
doing a somewhat regular log analysis, at least in my opinion.
If I were to implement SSL, I would do this log analysis regularly
anyway. This is the only way I know of that many system attacks can be
discovered -
On Thu, 8 Sep 2005, Dan Porter wrote:
I want to set up a filter so that all emails to [EMAIL PROTECTED] will
not get processed by the other filters (spam checker, virus checker).
I have never written my own filter, but I am guessing I need to do
something like this:
In filters.in.tab:
On Fri, 9 Sep 2005, OKI Miyuki wrote:
Well thank you. I will work on it some more. I have now a filter and
tab in place, but it says to be sure that spamd si running and I have
no way of knowing how to start it or what not.
¡¡I have run SpamAssassin with ActivePerl
and Spamd.bat (to run is
26 matches
Mail list logo
