secure SMTP and cygnus-sasl handling

Charles Swiger cswiger at
Tue Jun 3 14:29:10 PDT 2003

On Tuesday, June 3, 2003, at 05:08 PM, admin wrote:
> well I am a little new at the stunnel/secure SMTP options here so 
> pardon the
> simple question.  But I am reviewing all the documentation but cant 
> seem to
> figure out the answer here.  I am using cygnus-sasl as the method of 
> authentication.


> I am using stunnel to map from port 465 to port 25 for SMTP 
> authentication.
> but I want to make it so users going directly to port 25 cannot 
> authenticate.
> their only option is authenticate through port 465 via stunnel.

Have a firewall block port 25 to this mail server, and only permit the 
users to talk to 465.  Of course, you are running stunnel on the mail 
server or it's local network, right?

> are there other applications that I need to consider here?

Sendmail will do STARTTLS if both sides support it, and you can even 
configure things to not permit plain text authentication (AUTH LOGIN) 
unless TLS/SSL has been negotiated.


More information about the freebsd-questions mailing list