jdusek at cs.uiowa.edu
Wed Jun 16 15:32:02 PDT 2004
I've decided to give Dovecot a shot. However, when I try to run it I get
and error message:
root # dovecot
Fatal: Can't use SSL certificate /var/dovecot/ssl/certs/dovecot.pem:
No such file or directory
So I need to make some certs. However, there is no "make certs" for
dovecot - so what exactly do I need to do? Do I just use openssl to make
me some certificates and put them in the right places Or are there some
fine points to making appropriate certificates?
-- Jason Dusek ("`-''-/").___..--''"`-._
-- | `6_ 6 ) `-. ( ).`-.__.`)
-- | (_Y_.)' ._ ) `._ `. ``-..-'
-- | _..`--'_..-_/ /--'_.' ,'
-- | (il),-'' (li),' ((!.-'
> Hi Jim,
> On Wed, 16 Jun 2004 16:13:47 -0400 UTC (6/16/2004, 3:13 PM -0500 UTC my
> time), Jim Trigg wrote:
> J> Postfix and Exim. I found no security advisories for either on the CERT
> J> website; that actually covers their entire lifecycles.
> Postfix: Actually IIRC, there were two, but could only find one in a short
> time of checking.
> Postfix versions before 1.1.12 allow an attacker to bounce-scan private
> networks, or use the daemon as a DDoS tool by forcing the daemon to connect
> to an arbitrary service at an arbitrary IP address and receiving either a
> bounce message or by analyzing timing. The Common Vulnerabilities and
> Exposures project (cve.mitre.org) has assigned the name CAN-2003-0468 to
> this issue.
> Postfix versions from 1.1 up to and including 1.1.12 have a bug where a
> remote attacker could send a malformed envelope address and:
> or http://www.icetalk.com/Exim-N2588.html same as http://secunia.com/advisories/11558/
> and http://www.spinics.net/lists/security/msg01343.html
More information about the freebsd-questions