bgware: Qmail-TLS patch?


Previous by date: 25 Mar 2015 16:14:56 -0000 Announcing mailfront version 2.12, Bruce Guenter
Next by date: 25 Mar 2015 16:14:56 -0000 bglibs test failures during make, E.B.
Previous in thread: 25 Mar 2015 16:14:56 -0000 Re: Qmail-TLS patch?, Giam Teck Choon
Next in thread:

Subject: Re: [bgware] Qmail-TLS patch?
From: Olivier Mueller ####@####.####
Date: 25 Mar 2015 16:14:56 -0000
Message-Id: <5512DEFB.7090609@omx.ch>

Hello,

On 20.06.13 23:33, Giam Teck Choon wrote:
> (...) 
> ucspi-ssl (http://www.fehcom.de/ipnet/ucspi-ssl.html)
> The steps to setup various svc run scripts are similar to the one
> outlined in http://www.suspectclass.com/sgifford/ucspi-tls/.
> 
> I ported
> http://www.suspectclass.com/sgifford/ucspi-tls/files/mailfront-0.96-ucspitls-0.1.patch
> in mailfront to support STARTTLS in imapfront-auth.c and STLS support in
> pop3front-auth.c since it only support STARTTLS for smtpd in stock
> mailfront version 2.00.
> If you are interested to have those patches, let me know.

Sorry for this answer a few years later, but I would now be interested,
especially for IMAP and POP3 :-)

I've just finally been able to activate STARTTLS for smtpfront (using
the plugin-starttls-ucspi integrated in mailfront since 2.01, thanks
Bruce!).

Now the same would be nice to have for imapfront and pop3front : maybe
this is already planned, for example with a similar plugin ? Otherwise I
would be glad to try your patches on my test setup.

Thanks in advance & kind regards,
Olivier


PS:  Just in case it would be interesting for somebody, here were my
steps for SMTP + TLS:

1) installation of the ucspi-ssl-tls-0.70_1 package (freebsd)
2) setup of the certificates + /var/qmail/ssl/env file according to
http://www.suspectclass.com/sgifford/ucspi-tls/ucspi-tls-qmail-howto.html
3) replacement of tcpserver by sslserver in the qmail-smtpd/run
supervise script, with a ". /var/qmail/ssl/env" and "UCSPITLS=1" before
4) addition of "starttls-ucspi" to my /etc/smtpfront/PLUGINS string
5) testing:

[~]$ telnet mailserver 587
Escape character is '^]'.
220 SMTP-AUTH only access. mailfront ESMTP
EHLO
250-mailserver
250-AUTH LOGIN PLAIN
250-SIZE 0
250-STARTTLS      <================
250-8BITMIME
250-ENHANCEDSTATUSCODES
250 PIPELINING

then "live" with:

[~]$ openssl s_client -starttls smtp -crlf -connect mailserver:587.


PPS: I just saw https://github.com/giamteckchoon/mailfront before
posting...  I guess it will help here, but the answer about an
integration as plugin directly in the mailfront package remains :)





Previous by date: 25 Mar 2015 16:14:56 -0000 Announcing mailfront version 2.12, Bruce Guenter
Next by date: 25 Mar 2015 16:14:56 -0000 bglibs test failures during make, E.B.
Previous in thread: 25 Mar 2015 16:14:56 -0000 Re: Qmail-TLS patch?, Giam Teck Choon
Next in thread:


Powered by ezmlm-browse 0.21.