Re: [SLE] cyrus configuration
From: Tom Allison (tallison_at_tacocat.net)
Date: 10/12/03
- Previous message: Tom Allison: "Re: [SLE] open relay configuration"
- In reply to: Tarjei Huse: "Re: [SLE] cyrus configuration"
- Next in thread: Felipe Alfaro Solana: "Re: [SLE] cyrus configuration"
- Reply: Felipe Alfaro Solana: "Re: [SLE] cyrus configuration"
- Reply: Tarjei Huse: "Re: [SLE] cyrus configuration"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 11 Oct 2003 21:45:57 -0400 To: tarjei+a_lists.suse@nu.no
Tarjei Huse wrote:
>hi
>
>
>
>>I have some basic questions and I'm not sure where to begin finding the
>>answers.
>>
>>
>Take a look at
>
>
>>is cyrus-sasld required for cyrus to function? (appears to be a definite Yes)
>>
>>
>YES. cyrus-sasl is required. SuSE comes with both (i.e. -imapd and -sasl).
>
>
>>Authentication:
>>I am attempting to configure my network with PAM_LDAP authentication.
>>
>>
>Use saslauthd. Consider using saslauthd directly to the ldapserver. PAM
>here is only a hassle.
>
>
>>Attempting, in that I haven't gotten there yet.
>>But I would also want to be able to create mail accounts for users who are
>>not in my network or may be on a different domain name (two domains on one
>>mail server).
>>
>>
>
>
>
>>Can I do this using LDAP with TLS?
>>
>>
>TLS has nothing to do with it.
>LDAP no problem - define differen usernames and map different domains to
>them.
>
>
>
>>(I really don't want plaintext passwords unless it's between my LAN and DMZ)
>>
>>
>Well, how big is this operation, it might be worth considering some kind
>of digest-md5 auth. See
>http://marc.theaimsgroup.com/?l=cyrus-sasl&m=105815526130121&w=2
>
>
>
>>What's the DEFAULT authentication model for cyrus?
>>
>>
>Sasl :-)
>
>
>
>
Thank you for the input.
I've made some progress.
I have plaintext authentication against my /etc/passwd file.
This is not my preferred method of authentication, but it's a working
email server and since IMAP is only from the LAN it might be OK.
I'm still not sure how to limit a DMZ service to a LAN subnet only.
I'm using ipcop as a firewall and have a DMZ of 192.168.0.1/24 and a LAN
of 192.168.1../24. Although ipcop does not permit IMAP traffic to the
DMZ from the outside, I would prefer to firewall the server to IMAP only
from 192.168.1.1/24 as a matter of practice. But that's probably
another chapter.
Right now I'm still wondering if I should try LDAP authentication, but I
have another problem that's even bigger.
How do I get spamassassin back into action?
It seems that the email that's coming in is not being filtered/scanned
for spam. X-Virus-Scanned tags are good, but nothing from X-Spam-Status.
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
- Previous message: Tom Allison: "Re: [SLE] open relay configuration"
- In reply to: Tarjei Huse: "Re: [SLE] cyrus configuration"
- Next in thread: Felipe Alfaro Solana: "Re: [SLE] cyrus configuration"
- Reply: Felipe Alfaro Solana: "Re: [SLE] cyrus configuration"
- Reply: Tarjei Huse: "Re: [SLE] cyrus configuration"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
