Am 09.03.2011 10:14, schrieb kapetr:
> Hello,
>
>
> "Victor Duchovni" wrote:
>>> 1. How to get SSL certificate of smtp.iol.cz
>>> (and save it to
file).
>>
>> Use "openssl s_client -showcerts"
>
> Thanks - it works. Interesting is, that I get this way only 2
> certificates:
>
> CN=smtp.
Hello,
"Victor Duchovni" wrote:
> > 1. How to get SSL certificate of smtp.iol.cz
> > (and save it to
> > > file).
>
> Use "openssl s_client -showcerts"
Thanks - it works. Interesting is, that I get this way only 2
certificates:
CN=smtp.iol.cz (issuer CN=Thawte SSL CA) and
CN=Thawte SSL CA
On Sat, Mar 05, 2011 at 06:48:05PM +0100, kapetr wrote:
> [ssmtp_client_iol]
> client = yes
> accept = 10465
> connect = smtp.iol.cz:465
> verify = 3
> CApath = /etc/ssl/certs
Don't use "verify = 3" until you have installed the appropriate
end-point certificate.
> The problem is, that I don't kn
Hello,
and thanks again for answer.
Victor Duchovni wrote:
> Your username/password are not safe from
>a man-in-the-middle attack, thwarting that requires authentication
>as
>>well as encryption. With stunnel that means "verify = 3" and a
>local
>>copy of the SMTP server certificate.
You are
On Fri, Mar 04, 2011 at 03:41:09PM +0100, kapetr wrote:
> At the moment am I satisfied with fact, that the communication with
> ISPs server is encrypted. So my with SALS LOGIN/PLAIN send
> name/passwd are +- safe.
There is no such thing as "safe", rather "safe" is always relative to
a set of th
Victor Duchovni wrote:
>Note, however, that stunnel will not by default verify peer
>certificates, so
>>additional configuration is required for that. Only stunnel's
>verification
>>level 3, where the remote peer certificate is locally installed in
>a
>>local CAfile referenced in the stunnel.conf
On Wed, Mar 02, 2011 at 09:15:24AM +0100, kapetr wrote:
> Hello,
>
> I HAVE TO apologize me :-)
>
> I had present my solution with stunnel4- and now I see (as wrote by
> - thanks) it is in
> http://www.postfix.org/TLS_README.html#client_smtps.
Note, however, that stunnel will not by default v
Hello,
I HAVE TO apologize me :-)
I had present my solution with stunnel4- and now I see (as wrote by
- thanks) it is in
http://www.postfix.org/TLS_README.html#client_smtps.
So it shows again the Great Truth - RTFM!
Sorry.
So at least I also see, that this is normal solution with Postfix.
On 3/1/2011 9:34 AM, kapetr wrote:
Hello again,
I have to report, that I have find a solution - over stunnel4.
This I add to main.cf:
--
smtp_sasl_auth_enable = yes
relayhost = [127.0.0.1]:10111
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options
On Tue, Mar 01, 2011 at 03:27:23PM +0100, kapetr wrote:
> http://www.postfix.org/SASL_README.html#client_sasl
> http://www.postfix.org/TLS_README.html
>
> --
> smtp_sasl_auth_enable = yes
> relayhost = [smtp.iol.cz]:465
Postfix does not support wrapper-mode (d
Hello again,
I have to report, that I have find a solution - over stunnel4.
This I add to main.cf:
--
smtp_sasl_auth_enable = yes
relayhost = [127.0.0.1]:10111
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
A
On Tue, Mar 01, 2011 at 03:27:23PM +0100, kapetr wrote:
> most SMTP servers of freemails or of ISP in Czech Republic use only
> SASL PLAIN/LOGIN authentication with SSL possibility (over port 465
> - ssmtp).
smtps (465) is a deprecated means of submission. Deprecated because
of the "wrappermode"
Hello,
most SMTP servers of freemails or of ISP in Czech Republic use only
SASL PLAIN/LOGIN authentication with SSL possibility (over port 465
- ssmtp).
I works well with e.g. Evolution as SMTP client.
But I can't get this work in Postfix with "relayhost"
I followed:
http://www.postfix.org/SASL_
13 matches
Mail list logo