Greetings, I have a 5.3 Server. I'm planning to install Postfix. I'm planning to use the Maildir format.
I'm going to generate my own SSL certificates for mail and use it for smpts/imaps/pop3s. But I'm not sure what to use for authentication. I need to have the mail users/password seperated from the system user/password. Because some users will only have mail accounts and they won't have any shell access. I read about different auth mechanism and I know for sure that Plain Login is not what I want. I need DIGEST-MD5. I'm looking for something easier than SASL to configure. On my test server I tried to configure SASL and couldn't get DIGEST-MD5 to work. Any suggestion ? Someone mentioned that I shouldn't worry about the authentication if it's Plain or Login because I'm going to use SSL and that would encrypt both Login and the data channel. I'm not sure if this is 100% true. Any idea ? Last but not least, I'm going to add on top of all that a webmail. probably Openwebmail or squirrelmail. Which one of them would work better with all what I mentioned earlier: - Auth DIGEST-MD5 - Maildir - SSL - dovecot I was checking one of squirrelmail password plugins and I read this sentence: "Cyrus SASL includes a shell utility called "saslpasswd" for manipulating user passwords in the "sasldb" database. This patch attempts to use this utility to perform password manipulations required by your squirrelmail users without any administrative interaction. Unfortunately, this scheme requires that the "saslpasswd" utility be run as the "cyrus" user - a horrible security problem since we have chosen to SUID a small script which will allow this to happen." I'm pretty confused about the authentication method to use. I'm trying to run everything as secure as possible. I configured Postfix to run chrooted. and I'm going to use SSL for sure. What auth should I choose for smtp ? -- Regards, _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
