Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Sendmail SASL over START-TLS
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 9679
Location: almost Mile High in the USA
PostPosted: Wed Apr 24, 2013 3:14 pm    Post subject: Sendmail SASL over START-TLS Reply with quote
Has anyone gotten this working?

What I have:

I run sendmail on my server. It works for sending and receiving mail on this machine, and will relay just fine as long as the source is on my subnet or localhost. My machine has a true static IP and has forward/reverse DNS matching.

I'm tryiing to run dovecot as a IMAP server. This seems to work, I can login and get my mail, however...

What I'd like:

I'd like to be able to start an SSL session and authenticate when I'm using my cellphone or laptop when I'm out and about. I can't send mail through my server as it notices my remote clients having the wrong IP address. With authentication I'd like remote users to be able to also relay mail. However anyone not on my subnet should still be allowed to send mail to my own mail server without authentication.

What I don't want:

I could just disable relay checking... but I don't want my machine to be a spam hub :)

Anyone have a sendmail.mc that seems to work?

Currently I'm just using my openvpn certificate but later I'll make sendmail have its own certificate signed by my CA. (And of course I could just VPN into my network and send mail that way, but what's the fun in that?)

Code:
dnl These are for authentication so that remote clients can use our sendmail
define(`confAUTH_OPTIONS', `A p y')dnl
TRUST_AUTH_MECH(`LOGIN PLAIN EXTERNAL DIGEST-MD5 CRAM-MD5')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN EXTERNAL DIGEST-MD5 CRAM-MD5')dnl
define(`CERT_DIR',`/etc/openvpn/default') dnl
define(`confCACERT_PATH',`/etc/openvpn/default')dnl
define(`confCACERT',`/etc/openvpn/default/ca.crt')dnl
define(`localCERT', `/etc/openvpn/default/server.crt')dnl
define(`localKEY', `/etc/openvpn/default/server.key')dnl
define(`confCLIENT_CERT',`localCERT')dnl
define(`confCLIENT_KEY',`localKEY')dnl
define(`confSERVER_CERT',`localCERT')dnl
define(`confSERVER_KEY',`localKEY')dnl
dnl define(`confCRL',`/etc/openvpn/default/ca.crl')dnl

_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy