wie...@porcupine.org (Wietse Venema) wrote: > Viktor Dukhovni: >> On Sat, Jan 10, 2015 at 08:22:17PM +0100, Michael Str?der wrote: >> >>> Are there any plans to support encrypted connections with tcp_table(5) maps? >>> Something like a stcp: map? >>> >>> Of course I can use stunnel -c but it would be nice if it's possible without >>> another moving part. >> >> The Unix philosophy says you use stunnel. > > If the client and server are on the same host, I would not bother > with TLS (if you can use a pritivelegd port for the service, then > if can't be spoofed by non-root users).
They are not on the same host. I want to implement a tcp_table_ldap_proxy demon which can do paranoid input checks (and some more things) and avoid granting full LDAP access for systems in DMZ. And yes, I know how to use OpenLDAP ACLs. > The Postfix SMTP client comes with an awful lot of configuration > settings. What would be a sensible subset for the purpose of > communication with dovecot auth, policy servers, tcp_table, socketmap? Pretty broad question. I'm not skilled enough to answer it. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
