On Thu, Nov 15, 2012 at 04:48:50PM -0500, Sandy Harris wrote: > The Box should, I think, support a webmail interface because > that is what many people are used to. That should use SSL > encryption by default; this protects mail on the wire or in the > air between the server and your desktop or laptop. > > The box should also support Start TLS. > http://en.wikipedia.org/wiki/STARTTLS > That can protect non-web interfaces between server and > user, POP or IMAP, and also server-to-server mail > exchange.
Most attempted delivery from dynamic user space will bounce, and requiring smarthosts clashes both with the zero administration requirement and adds an additional point of attack. There is no really good way to interoperate with mail delivery on the greater Internet, so I would just make FBX a part of a working darknet, e.g. cjdns (which allows you some limited anonymity, yet ability to de-peer offenders), and just let postfix additionally accept everything from within fc00::/8. Notice that cjdns has a Debian package, though unmaintained, and uses very few resources (there is an OpenWRT package for embedded routers). _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
