Date: Sat, 09 Jun 2001 19:58:55 -0700 From: Alex Zepeda <jazepeda@pacbell.net> To: Dan Langille <dan@langille.org> Cc: chat@freebsd.org Subject: Re: MTA authentications Message-ID: <20010609195855.A2662@zippy.mybox.zip> In-Reply-To: <200106100225.f5A2PAU52712@lists.unixathome.org>; from dan@langille.org on Sat, Jun 09, 2001 at 10:25:09PM -0400 References: <20010609120621.A1123@zippy.mybox.zip> <200106100225.f5A2PAU52712@lists.unixathome.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 09, 2001 at 10:25:09PM -0400, Dan Langille wrote: > To my knowledge, there is not TLS stuff on my mailserver. I've never > heard of TLS before this incident. It's all news to me. Ahh. TLS is the "next generation" of SSL (a.k.a. SSL 3.1). > Is it unreasonable of them to expect everyone else (i.e. me) to be set up > like that? Yes. It's wishful thinking for now, unfortunately. > I guess my point is this: if they expect the rest of the world to be "TLS- > enabled" (forgive my terminology, I don't know what else to call it), and > communicate only with such mail servers, how big is their universe? I > thought the [defacto] mail standard was smtp. Likely not very large. However, that's no reason to shy away from it. TLS is not a mail protocol, rather an encryption one. FWIW, I'd suggest that you set up sendmail or whatever MTA you choose to use or be able to use TLS. Postfix at least requires use of a certificate, and while you can generate your own, it might be worth buying one from a reputable certification agency (if you don't already have one) such as VeriSign so that your credentials can be verified. I guess a certificate could be used as authentication. However, the more common method involves SASL (RFC2222 IIRC). Sendmail supports this too. For incoming mail, I see authentication as being stupid and encryption as being common sense. Without knowing too much about sendmail, it appears as if sendmail has SSL/TLS support enabled (a la the awful hack that is OpenSSL), but you need to point your copy of sendmail at a valid certificate. - alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010609195855.A2662>