Re: [courier-users] TLS on port 587?

Sun, 13 May 2012 19:16:00 -0700 

Mark Constable writes:


I must be missing something in the docs.

How do I enable TLS (or SSL?) on port 587?
If STARTTLS is advertised on 25, it should also be advertised on 587. Check that you have STARTTTLS in the EHLO response on 25. 

Either /usr/bin/couriertls, or $TLS_CERTFILE is missing.
If you use ${TLS_CERTFILE}.[ip address], you still need $TLS_CERTFILE symlinked to one of them. 





~ egrep -v "^(#|$)" /etc/courier/esmtpd
ESMTP_LOG_DIALOG=0
BOFHNOVRFY=1
PATH=/usr/bin:/bin:/usr/bin:/usr/local/bin
SHELL=/bin/sh
ULIMIT=16384
BOFHCHECKDNS=1
BOFHNOEXPN=1
NOADDMSGID=1
NOADDDATE=1
AUTH_REQUIRED=0
COURIERTLS=/usr/bin/couriertls
TLS_CERTFILE=/usr/lib/courier/esmtpd.pem
TLS_VERIFYPEER=NONE
MAILUSER=daemon
MAILGROUP=daemon
PORT=smtp
BLACKLISTS='-block=zen.spamhaus.org,BLOCK'
ACCESSFILE=${sysconfdir}/smtpaccess
MAXDAEMONS=400
MAXPERC=40
MAXPERIP=40
PIDFILE=/var/run/courier/esmtpd.pid
TCPDOPTS="-stderrlogger=/usr/sbin/courierlogger -noidentlookup -nodnslookup"
ESMTPAUTH="LOGIN PLAIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256"
ESMTPAUTH_WEBADMIN="LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256"
ESMTPAUTH_TLS=""
ESMTPAUTH_TLS_WEBADMIN="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256"
ESMTPDSTART=YES

~ egrep -v "^(#|$)" /etc/courier/esmtpd-msa
BOFHCHECKDNS=1
NOADDMSGID=0
NOADDDATE=0
ESMTP_LOG_DIALOG=0
AUTH_REQUIRED=1
BLACKLISTS=""
ADDRESS=0
PORT=587
PIDFILE=/var/run/courier/esmtpd-msa.pid
ACCESSFILE=${sysconfdir}/smtpaccess
ESMTPDSTART=YES
MAXDAEMONS=400
MAXPERC=40
MAXPERIP=40

~ egrep -v "^(#|$)" /etc/courier/esmtpd-ssl
prefix=/usr
exec_prefix=/usr
BOFHCHECKDNS=1
BOFHNOEXPN=0
BOFHNOVRFY=0
NOADDMSGID=1
NOADDDATE=1
ESMTP_LOG_DIALOG=0
AUTH_REQUIRED=0
SSLPORT=465
SSLADDRESS=0
SSLPIDFILE=/var/run/courier/esmtpd-ssl.pid
ESMTPDSSLSTART=YES
COURIERTLS=/usr/bin/couriertls
TLS_KX_LIST=ALL
TLS_COMPRESSION=ALL
TLS_CERTS=X509
TLS_CERTFILE=/etc/courier/esmtpd.pem
TLS_TRUSTCERTS=/etc/ssl/certs
TLS_VERIFYPEER=NONE
MAXDAEMONS=400
MAXPERC=40
MAXPERIP=40

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Attachment: pgpw7Rt2cb40j.pgp
Description: PGP signature

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Reply via email to