Re: GSSAPI with SMTP client

2013-07-18 Thread Erinn Looney-Triggs
On 07/11/2013 07:45 AM, Viktor Dukhovni wrote:
> On Thu, Jul 11, 2013 at 11:23:50AM -0400, Erinn Looney-Triggs wrote:
>
>>> GSSAPI inside TLS currently does not perform channel binding, and
>>> so your session can be hijacked, after the client authenticates
>>> with GSSAPI. You can use "fingerpri

Re: GSSAPI with SMTP client

2013-07-11 Thread Viktor Dukhovni
On Thu, Jul 11, 2013 at 11:23:50AM -0400, Erinn Looney-Triggs wrote:
> > GSSAPI inside TLS currently does not perform channel binding, and
> > so your session can be hijacked, after the client authenticates
> > with GSSAPI. You can use "fingerprint" security if your server
> > certificate is not

Re: GSSAPI with SMTP client

2013-07-11 Thread Erinn Looney-Triggs
On 07/11/2013 10:01 AM, Viktor Dukhovni wrote:
> On Wed, Jul 10, 2013 at 09:17:40PM -0400, Erinn Looney-Triggs wrote:
>
>> Just for posterity, I put together a set of instructions on how to do
>> this beginning to end here:
>>
>> https://stomp.colorado.edu/blog/blog/2013/07/09/on-freeipa-postfix-a

Re: GSSAPI with SMTP client

2013-07-11 Thread Viktor Dukhovni
On Wed, Jul 10, 2013 at 09:17:40PM -0400, Erinn Looney-Triggs wrote:
> Just for posterity, I put together a set of instructions on how to do
> this beginning to end here:
>
> https://stomp.colorado.edu/blog/blog/2013/07/09/on-freeipa-postfix-and-a-relaying-smtp-client/
>
> Though it uses FreeIPA

Re: GSSAPI with SMTP client

2013-07-10 Thread Erinn Looney-Triggs
On 07/02/2013 12:03 PM, Viktor Dukhovni wrote:
> On Tue, Jul 02, 2013 at 11:25:53AM -0400, Erinn Looney-Triggs wrote:
>
>> However, it still is not working.
>>
>> Running a debug_peer_list with the verbosity set to 2 against both a
>> thunderbird client working with GSSAPI and the postfix client.

Re: GSSAPI with SMTP client

2013-07-05 Thread Erinn Looney-Triggs
On 07/02/2013 12:03 PM, Viktor Dukhovni wrote:
> On Tue, Jul 02, 2013 at 11:25:53AM -0400, Erinn Looney-Triggs wrote:
>
>> However, it still is not working.
>>
>> Running a debug_peer_list with the verbosity set to 2 against both a
>> thunderbird client working with GSSAPI and the postfix client.

Re: GSSAPI with SMTP client

2013-07-02 Thread Viktor Dukhovni
On Tue, Jul 02, 2013 at 11:25:53AM -0400, Erinn Looney-Triggs wrote:
> However, it still is not working.
>
> Running a debug_peer_list with the verbosity set to 2 against both a
> thunderbird client working with GSSAPI and the postfix client. It
> appears that GSSAPI is not even being tried by th

Re: GSSAPI with SMTP client

2013-07-02 Thread Erinn Looney-Triggs
On 07/01/2013 04:13 PM, Viktor Dukhovni wrote:
> On Mon, Jul 01, 2013 at 03:18:03PM -0400, Erinn Looney-Triggs wrote:
>
>> relayhost = smtp.myserver.com
>> smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
>> smtp_tls_session_cache_database =
>> btree:${data_directory}/smtp_tls_session_cache
>> s

Re: GSSAPI with SMTP client

2013-07-01 Thread Viktor Dukhovni
On Mon, Jul 01, 2013 at 03:18:03PM -0400, Erinn Looney-Triggs wrote:
> relayhost = smtp.myserver.com
> smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
> smtp_tls_session_cache_database =
> btree:${data_directory}/smtp_tls_session_cache
> smtp_tls_security_level = may
> import_environment =
>

GSSAPI with SMTP client

2013-07-01 Thread Erinn Looney-Triggs
I have been trying to get GSSAPI to work with postfix's smtp client. Essentially, what I already have is a postfix server that works with GSSAPI already (tested via thunderbird), and I want postfix to use this server as a relay. I have found a couple of references: http://permalink.gmane.org/gmane