bgware: Qmail-TLS patch?
Re: [bgware] Qmail-TLS patch?
Olivier Mueller ####@####.####
25 Mar 2015 16:14:56 -0000
On 20.06.13 23:33, Giam Teck Choon wrote:
> ucspi-ssl (http://www.fehcom.de/ipnet/ucspi-ssl.html)
> The steps to setup various svc run scripts are similar to the one
> outlined in http://www.suspectclass.com/sgifford/ucspi-tls/.
> I ported
> in mailfront to support STARTTLS in imapfront-auth.c and STLS support in
> pop3front-auth.c since it only support STARTTLS for smtpd in stock
> mailfront version 2.00.
> If you are interested to have those patches, let me know.
Sorry for this answer a few years later, but I would now be interested,
especially for IMAP and POP3 :-)
I've just finally been able to activate STARTTLS for smtpfront (using
the plugin-starttls-ucspi integrated in mailfront since 2.01, thanks
Now the same would be nice to have for imapfront and pop3front : maybe
this is already planned, for example with a similar plugin ? Otherwise I
would be glad to try your patches on my test setup.
Thanks in advance & kind regards,
PS: Just in case it would be interesting for somebody, here were my
steps for SMTP + TLS:
1) installation of the ucspi-ssl-tls-0.70_1 package (freebsd)
2) setup of the certificates + /var/qmail/ssl/env file according to
3) replacement of tcpserver by sslserver in the qmail-smtpd/run
supervise script, with a ". /var/qmail/ssl/env" and "UCSPITLS=1" before
4) addition of "starttls-ucspi" to my /etc/smtpfront/PLUGINS string
[~]$ telnet mailserver 587
Escape character is '^]'.
220 SMTP-AUTH only access. mailfront ESMTP
250-AUTH LOGIN PLAIN
then "live" with:
[~]$ openssl s_client -starttls smtp -crlf -connect mailserver:587.
PPS: I just saw https://github.com/giamteckchoon/mailfront before
posting... I guess it will help here, but the answer about an
integration as plugin directly in the mailfront package remains :)