[tech] marblefish

David Adam zanchey at ucc.gu.uwa.edu.au
Mon Feb 27 22:42:58 WST 2006


On Mon, 27 Feb 2006, James Andrewartha wrote:
> On Mon, 27 Feb 2006, Grahame Bowland wrote:
> > On 26/2/06 10:20 PM, "James Andrewartha" <trs80 at ucc.gu.uwa.edu.au> wrote:
> >> I was thinking IPSec or OpenVPN, I'm not sure whether terminating on
> >> madako or mooneye is the best plan (probably mooneye).
> > For the link, why not just use SSL-encrypted SMTP, running on the standard
> > secure SMTP port? It's really easy to get postfix to permit relaying based
> > on the SSL cert that the client has got. That's really all you need, and it
> > won't rely on some tunnel being up all the time.
>
> Mainly because I want to reject invalid users at rcpt.to time. There will
> be a local SMTP server as a secondary MX that will then deliver via your
> method if the tunnel goes down at any point.

Incidentally, how are we going to do that? Mount /home/mail and run LDAP
over the tunnel?

I know almost nothing about such things and am enjoying this process
immensely.

David Adam
UCC Wheel Member, master of the desktops
zanchey@


More information about the tech mailing list