Loading ...
Sorry, an error occurred while loading the content.

Re: question about auth, smtpd and roundcube

Expand Messages
  • Felix Rubio Dalmau
    The underlying reason is that I am using a very small machine (and AMD-350), which I have set-up to be fanless., and which is running, appart from the mail
    Message 1 of 5 , Jun 22, 2013
    • 0 Attachment
      The underlying reason is that I am using a very small machine (and AMD-350),
      which I have set-up to be fanless., and which is running, appart from the mail
      server for my family, a couple of webservers, owncloud' instances, etc. So, I
      thought that I could free it from some work by disabling the encryption in the
      roundcube.

      Regards!

      Felix


      On Friday 21 June 2013 22:17:49 btb@... wrote:
      > On Jun 21, 2013, at 03.50, Felix Rubio Dalmau <felixrubiodalmau@...>
      wrote:
      > > Sorry for disturbing you, Ben
      > >
      > > Thank you for your answer, but there is one point I don't fully get:
      If I
      > >
      > > set up an smtp [25] to offer encryption without auth, a submission [587]
      > > to
      > > require encryption and auth, and I want roundcube to access the mail
      > > server
      > > with auth but without encryption.... I am stuck at the same point, right?
      > >
      > > Finally, I have configured smtp [25] to offer encryption, and auth only
      > >
      > > under tls. I have also set up a submission [587] without encryption,
      > > requiring auth, for roundcube. Finally I have closed port 587 using
      > > iptables, so can be used only through the loopback interface.
      >
      > let's please keep the discussion on the list, so others may participate.
      >
      > the key here is the "I want roundcube to access the mail server with auth
      > but without encryption". why bother? roundcube happily performs
      > encryption just fine, it hurts nothing to do it, and it obviates the need
      > for unnecessary special treatment.
      >
      > you should not be offering auth on port 25, encryption or not. we don't
      > need to get into all of the corner cases or special use cases, but far and
      > away, for the average environment, auth is for clients, and clients are to
      > use port submission/587. if you're using submission/587 for roundcube only
      > [as you seem to indicate], then why go to all of the trouble to
      > intentionally disable encryption when it works just fine?
      >
      > -ben
    Your message has been successfully submitted and would be delivered to recipients shortly.