Date: Tue, 2 Dec 2003 09:34:07 +0100 From: "Martin Mathiassen" <martin.mathiassen@dansikring.dk> To: <FreeBSD-questions@FreeBSD.ORG> Subject: help needed with sasl and postfix Message-ID: <006d01c3b8af$0d9238a0$af012c0a@gloit001>
next in thread | raw e-mail | index | archive | help
i am a newbiee in freebsd an i am trying to set up af mail server with postfix mysql amavis razor squirrelmail sasl imap i have tryed to follow this link http://www.littlewhitedog.com/reviews_other_00029.asp but i had to skeep the the start and whent on to installing the progs = going to harden it later first i want it to work Also add this in the beginning of your recipient restrictions ($:~)=3D> permit_sasl_authenticated, this wrong but what shall there stand then ($:~)=3D> dd if=3D/dev/urandom of=3D/etc/postfix/ssl/post.rand count=3D1 = 2>/dev/null and the answer is dd: unknown oprand 2 Cyrus SASL/TLS And Postfix SSL let's get SASL2 Installed now. ($:~)=3D> cd /usr/ports/security/cyrus-sasl2 ; make install clean Now go ahead and edit postfix's main.cf so we can tell it to start = utilizing the TLS features. Add in the following somewhere near the bottom: #TLS smtp_use_tls =3D yes smtpd_use_tls =3D yes smtpd_tls_auth_only =3D yes smtp_tls_note_starttls_offer =3D yes smtpd_tls_key_file =3D /etc/postfix/ssl/post.pem smtpd_tls_cert_file =3D /etc/postfix/ssl/post.pem smtpd_tls_CAfile =3D /etc/postfix/ssl/post.pem smtpd_tls_loglevel =3D 3 smtpd_tls_received_header =3D yes smtpd_tls_session_cache_timeout =3D 3600s tls_random_source =3D dev:/dev/urandom enable_sasl_authentication =3D yes smtpd_sasl_auth_enable =3D yes smtpd_sasl_security_options =3D noanonymous smtpd_sasl_local_domain =3D broken_sasl_auth_clients =3D yes Also add this in the beginning of your recipient restrictions ($:~)=3D> permit_sasl_authenticated, Here we create our postfix SSL Stuff ($:~)=3D> mkdir /usr/local/etc/postfix/ssl ($:~)=3D> chmod 700 /usr/local/etc/postfix/ssl Next we create our SSL certificates for postfix ($:~)=3D> cd /usr/local/etc/postfix/ssl ($:~)=3D> vi pst.cnf The contents of pst.cnf are: RANDFILE =3D /etc/postfix/ssl/post.rand [ req ] default_bits =3D 1024 encrypt_key =3D yes distinguished_name =3D req_dn x509_extensions =3D cert_type prompt =3D no [ req_dn ] C=3DcountryName Two letters! ST=3DstateOrProvinceName L=3DlocalityName O=3DorganizationName OU=3DOrganizationalUnitName CN=3DcommonName emailAddress=3DemailAddress [ cert_type ] nsCertType =3D server Be sure to enter the correct options. Next we generate our SSL = certificates. ($:~)=3D> dd if=3D/dev/urandom of=3D/etc/postfix/ssl/post.rand count=3D1 = 2>/dev/null WITH REGARDS MARTIN M
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?006d01c3b8af$0d9238a0$af012c0a>