> been looking for guidance on PAM authentication. The spread is rather
> thin/sparse when searching the net for [ opensmtpd pam ] and basically
> boils down to
> https://github.com/OpenSMTPD/OpenSMTPD/issues/712.
>
> Another hint appears to be [ compile ] from the source package:
>
> [
> Noticed the ./config provides the following options for openssl:
>
> --with-libssl='/usr/lib/openssl-1.0' \
> --with-cflags='-I/usr/include/openssl-1.0'
>
> What I could not figure from the man pages or wiki or the source package
> is whether that tells smptd only the path to the openssl
On 01.08.18 14:48, ѽ҉ᶬḳ℠ wrote:
Having sorted PAM SMTPAUTH the user/client 172.25.120.2 is now treated
as server's local user and filter rules using from local are matched.
Thence, amended
[ accept from source 172.25.120.2 for any relay via
smtp://127.0.0.1:10027 ] to [ accept from source
>> Having sorted PAM SMTPAUTH the user/client 172.25.120.2 is now treated
>> as server's local user and filter rules using from local are matched.
>> Thence, amended
>>
>> [ accept from source 172.25.120.2 for any relay via
>> smtp://127.0.0.1:10027 ] to [ accept from source 172.25.120.2 for
On 01.08.18 15:17, ѽ҉ᶬḳ℠ wrote:
The matching rule for you should now be:
accept (from local) for any relay viasmtp://127.0.0.1:10027
This rule matching would again bypass DKIM and is redundant:
accept from source 172.25.120.2 for any relay
The way is set and working now:
accept for any
>>> listen on eth0 inet4 port 587 smtps hostname mail mask-source tag lan
>>>
>>>
>>> Either you trimmed this config line or you're missing "auth". Otherwise I
>>> suspect you're running without authentication.
>>
>> Uhum well, is there no PAM authentication? I was under the impression
>> that
Le 01/08/2018 à 14:17, ѽ҉ᶬḳ℠ a écrit :
>>> Having sorted PAM SMTPAUTH the user/client 172.25.120.2 is now treated
>>> as server's local user and filter rules using from local are matched.
>>> Thence, amended
>>>
>>> [ accept from source 172.25.120.2 for any relay via
>>> smtp://127.0.0.1:10027 ]
Hi,
dovecot supports TLS over LMTP(S). Been searching the net but could not
find a trace about smtpd support for lmtps and hence wondering whether
such implemented?
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to:
On 08/01/18 19:09, ѽ҉ᶬḳ℠ wrote:
yes
I guess this is you: https://github.com/OpenSMTPD/OpenSMTPD/issues/868 ?
lmpts implementation in dovecot and postfix does not serve a practical
purpose? What if dovecot and the mta are not on the same server?
from the lmtp rfc
The LMTP protocol
yes
> I guess this is you: https://github.com/OpenSMTPD/OpenSMTPD/issues/868 ?
lmpts implementation in dovecot and postfix does not serve a practical
purpose? What if dovecot and the mta are not on the same server?
> You don't really need to do secure lmtp because lmtp primarily runs on a
>
Sure and makes certainly sense, but you can still have (V)LAN servers
with different subnets and not necessarily everything on a single
server/subnet.
> from the lmtp rfc
>
>The LMTP protocol SHOULD NOT be used over wide area networks.
>>> You don't really need to do secure lmtp because lmtp
> The following 2 lines are redundant. The above will match first for
> authenticated submissions.
>
>> accept from local for any relay
>> accept from source 172.25.120.2 for any relay
>
Thanks for pointing that out, the logic apparently escaped me. Keeps he
code tidy and prevents redundancy.
>> The way is set and working now:
>>
>> listen on lo inet4 port 25 tls-require hostname mail mask-source tag lo
> `tls-require` on `lo` is a bit strange… `mask-source` too.
Of course it is, [ tls-require ] at least. That is now removed thus. [
mask-source ] for lo/127.0.0.1 is perhaps a
13 matches
Mail list logo