Loading ...
Sorry, an error occurred while loading the content.

Re: question about auth, smtpd and roundcube

Expand Messages
  • btb@...
    ... let s please keep the discussion on the list, so others may participate. the key here is the I want roundcube to access the mail server with auth but
    Message 1 of 5 , Jun 21, 2013
    • 0 Attachment
      On Jun 21, 2013, at 03.50, Felix Rubio Dalmau <felixrubiodalmau@...> wrote:

      > Sorry for disturbing you, Ben
      >
      > Thank you for your answer, but there is one point I don't fully get: If I
      > set up an smtp [25] to offer encryption without auth, a submission [587] to
      > require encryption and auth, and I want roundcube to access the mail server
      > with auth but without encryption.... I am stuck at the same point, right?
      >
      > Finally, I have configured smtp [25] to offer encryption, and auth only
      > under tls. I have also set up a submission [587] without encryption, requiring
      > auth, for roundcube. Finally I have closed port 587 using iptables, so can be
      > used only through the loopback interface.

      let's please keep the discussion on the list, so others may participate.

      the key here is the "I want roundcube to access the mail server with auth but without encryption". why bother? roundcube happily performs encryption just fine, it hurts nothing to do it, and it obviates the need for unnecessary special treatment.

      you should not be offering auth on port 25, encryption or not. we don't need to get into all of the corner cases or special use cases, but far and away, for the average environment, auth is for clients, and clients are to use port submission/587. if you're using submission/587 for roundcube only [as you seem to indicate], then why go to all of the trouble to intentionally disable encryption when it works just fine?

      -ben
    • Felix Rubio Dalmau
      The underlying reason is that I am using a very small machine (and AMD-350), which I have set-up to be fanless., and which is running, appart from the mail
      Message 2 of 5 , Jun 22, 2013
      • 0 Attachment
        The underlying reason is that I am using a very small machine (and AMD-350),
        which I have set-up to be fanless., and which is running, appart from the mail
        server for my family, a couple of webservers, owncloud' instances, etc. So, I
        thought that I could free it from some work by disabling the encryption in the
        roundcube.

        Regards!

        Felix


        On Friday 21 June 2013 22:17:49 btb@... wrote:
        > On Jun 21, 2013, at 03.50, Felix Rubio Dalmau <felixrubiodalmau@...>
        wrote:
        > > Sorry for disturbing you, Ben
        > >
        > > Thank you for your answer, but there is one point I don't fully get:
        If I
        > >
        > > set up an smtp [25] to offer encryption without auth, a submission [587]
        > > to
        > > require encryption and auth, and I want roundcube to access the mail
        > > server
        > > with auth but without encryption.... I am stuck at the same point, right?
        > >
        > > Finally, I have configured smtp [25] to offer encryption, and auth only
        > >
        > > under tls. I have also set up a submission [587] without encryption,
        > > requiring auth, for roundcube. Finally I have closed port 587 using
        > > iptables, so can be used only through the loopback interface.
        >
        > let's please keep the discussion on the list, so others may participate.
        >
        > the key here is the "I want roundcube to access the mail server with auth
        > but without encryption". why bother? roundcube happily performs
        > encryption just fine, it hurts nothing to do it, and it obviates the need
        > for unnecessary special treatment.
        >
        > you should not be offering auth on port 25, encryption or not. we don't
        > need to get into all of the corner cases or special use cases, but far and
        > away, for the average environment, auth is for clients, and clients are to
        > use port submission/587. if you're using submission/587 for roundcube only
        > [as you seem to indicate], then why go to all of the trouble to
        > intentionally disable encryption when it works just fine?
        >
        > -ben
      Your message has been successfully submitted and would be delivered to recipients shortly.