Quote:
Originally Posted by bathory
IMHO QMR is better that LWQ, because it's fully patched to support a vast variety of add-ons. That is why it has native support for tls. Besides that the installation is straight forward, while in QMR you have to do most of the things by hand. If you want to go with LWQ, then you have to patch it yourself for tls. Read this for details
Regards
|
I used the link suggested by
bathory and it really helped. I have SSL-secured SMTP and POP3 now.
However, that tutorial does not contemplate authentication. Note this session output taken from that very same page:
Code:
* telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 host.example.com ESMTP
* EHLO there
250-host.example.com
250-PIPELINING
250-8BITMIME
250 STARTTLS
* QUIT
221 host.example.com
In comparison, look at what I get from my old server:
Code:
luc[359-1]/> telnet domain.com 25
Trying 64.65.66.67...
Connected to domain.com.
Escape character is '^]'.
220 domain.com ESMTP
ehlo domain.com
250-domain.com
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250-PIPELINING
250 8BITMIME
quit
221 domain.com
Connection closed by foreign host.
Exit 1
My NEW server does not have those AUTH lines:
Code:
luc[361-1]/> telnet newdomain.com 25
Trying 74.75.76.77...
Connected to newdomain.com.
Escape character is '^]'.
220 newdomain.com ESMTP
ehlo newdomain.com
250-newdomain.com
250-STARTTLS
250-PIPELINING
250 8BITMIME
quit
221 newdomain.com
Connection closed by foreign host.
Exit 1
I looked for "inspiration" in the
/var/qmail/supervise/qmail-smtpd/run file of my old server, comparing it to the one in the new server.
NEW SERVER:
Code:
blah blah blah...
exec /usr/local/bin/softlimit -m 30000000 \
/usr/local/bin/sslserver -e -n -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd 2>&1
OLD SERVER:
Code:
exec /usr/local/bin/softlimit -m 30000000 \
/usr/local/bin/tcpserver -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
/var/qmail/bin/qmail-smtpd host.domain.com \
/home/vpopmail/bin/vchkpw /usr/bin/true 2>&1
Is that all? Just invoke vchkpw?
Code:
exec /usr/local/bin/softlimit -m 30000000 \
/usr/local/bin/sslserver -e -n -v -R -l "$LOCAL" -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/qmail-smtpd \
host.newdomain.com /var/vpopmail/bin/vchkpw /usr/bin/true 2>&1
No, apparently not. SSL is working well, but I still have no authentication. Without authentication, relay is closed and I cannot use my own server to send mail anywhere outside of my own local domains.
Can anyone here tell me how I can fix this?