Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 16 Jun 2004 17:32:00 -0500
From:      Jason Dusek <jdusek@cs.uiowa.edu>
To:        freebsd-questions@freebsd.org
Subject:   Re: Mail
Message-ID:  <40D0CA60.5020100@cs.uiowa.edu>
In-Reply-To: <786347175.20040616153248@mygirlfriday.info>
References:  <40D023A1.8090009@cs.uiowa.edu> <20040616140305.GD32001@millerlite.local.mark-and-erika.com> <20040616145305.GB15913@ei.bzerk.org> <40D081D1.1060606@mac.com> <16592.38955.399680.399710@jerusalem.litteratus.org> <20040616201347.GB29666@spamcop.net> <786347175.20040616153248@mygirlfriday.info>
next in thread | previous in thread | raw e-mail | index | archive | help 
I've decided to give Dovecot a shot. However, when I try to run it I get 
and error message:

   root # dovecot
   Fatal: Can't use SSL certificate /var/dovecot/ssl/certs/dovecot.pem:
   No such file or directory

So I need to make some certs. However, there is no "make certs" for 
dovecot - so what exactly do I need to do? Do I just use openssl to make 
me some certificates and put them in the right places Or are there some 
fine points to making appropriate certificates?
--
-- Jason Dusek      ("`-''-/").___..--''"`-._
-- |                 `6_ 6  )   `-.  (     ).`-.__.`)
-- |                 (_Y_.)'  ._   )  `._ `. ``-..-'
-- |               _..`--'_..-_/  /--'_.' ,'
-- |              (il),-''  (li),'  ((!.-'
--

Gary wrote:
> Hi Jim,
> 
> On Wed, 16 Jun 2004 16:13:47 -0400 UTC (6/16/2004, 3:13 PM -0500 UTC my
> time), Jim Trigg wrote:
> 
> 
> J> Postfix and Exim.  I found no security advisories for either on the CERT
> J> website; that actually covers their entire lifecycles.
> 
>  Postfix: Actually IIRC, there were two, but could only find one in a short
>  time of checking.
>  
> Postfix versions before 1.1.12 allow an attacker to bounce-scan private
> networks, or use the daemon as a DDoS tool by forcing the daemon to connect
> to an arbitrary service at an arbitrary IP address and receiving either a
> bounce message or by analyzing timing. The Common Vulnerabilities and
> Exposures project (cve.mitre.org) has assigned the name CAN-2003-0468 to
> this issue.
> 
> Postfix versions from 1.1 up to and including 1.1.12 have a bug where a
> remote attacker could send a malformed envelope address and:
>                  also
>  http://www.net-security.org/advisory.php?id=2327
> 
> 
>  EXIM
> 
>  http://www.guninski.com/exim1.html
> 
>  or http://www.icetalk.com/Exim-N2588.html  same as http://secunia.com/advisories/11558/
> 
>  and http://www.spinics.net/lists/security/msg01343.html
> 
>  
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40D0CA60.5020100>