On Mon, Dec 08, 2003, [EMAIL PROTECTED] wrote: > I need to implement a mailserver with postfix that can authenticat smtp clients > against an ldap server. [...] > There is a independent KDE program called "Kroupware" which uses a so called "Kolab" server as the backend. The mail part uses postfix. Clients authenticate to postfix through SASL which connects to OpenLDAP. The interesting part of the game is that the "kolab" installation is entirely based on OpenPKG. I dont't want to go too much into detail but the Kolab developers took OpenPKG v1.1 and did lots of modifications and enhancements. Over the time we included and adopted all their changes and only a few days ago we sucked in the last change so the next OpenPKG release and OpenPKG CURRENT os of 26-Nov-2003 provide a full solution based on Kolab experience. Even better, we're providing a automated setup which can be found at ftp://ftp.zfos.org/brew/kolab/CFG/kolab-1.0.14-20031126/obmtool.conf. Even without knowing Kolab just examine the INSTALL lines and you'll find the answers to your question.
> I'm also a bit confused about TLS. As far I understand, TLS allows hole > connection to be encrypted, while SASL only enables authentication. In doub, I > prefere to build with both supports and see later if I realy support them. > See above. Both SASL (id/pw) and TLS X.509 client cert auth are supported. Postfix should be able accept TLS connections for encryption, i know for sure it supports STARTTLS. Postfix can also use TLS for SMTP delivery crypt and auth with optional check whether the recipient is really the one it claims to be. The latter is useful for recipients which have dynamic IP addresses, find minutes of my experiments on http://www.lotterer.net/thomas/dop.html -- [EMAIL PROTECTED], Cable & Wireless ______________________________________________________________________ The OpenPKG Project www.openpkg.org User Communication List [EMAIL PROTECTED]
