secure SMTP and cygnus-sasl handling
Charles Swiger
cswiger at mac.com
Tue Jun 3 14:29:10 PDT 2003
On Tuesday, June 3, 2003, at 05:08 PM, admin wrote:
> well I am a little new at the stunnel/secure SMTP options here so
> pardon the
> simple question. But I am reviewing all the documentation but cant
> seem to
> figure out the answer here. I am using cygnus-sasl as the method of
> SMTP
> authentication.
"cyrus-sasl"...?
> I am using stunnel to map from port 465 to port 25 for SMTP
> authentication.
> but I want to make it so users going directly to port 25 cannot
> authenticate.
> their only option is authenticate through port 465 via stunnel.
Have a firewall block port 25 to this mail server, and only permit the
users to talk to 465. Of course, you are running stunnel on the mail
server or it's local network, right?
> are there other applications that I need to consider here?
Sendmail will do STARTTLS if both sides support it, and you can even
configure things to not permit plain text authentication (AUTH LOGIN)
unless TLS/SSL has been negotiated.
--
-chuck
More information about the freebsd-questions
mailing list