[tech] marblefish
David Adam
zanchey at ucc.gu.uwa.edu.au
Mon Feb 27 22:42:58 WST 2006
On Mon, 27 Feb 2006, James Andrewartha wrote:
> On Mon, 27 Feb 2006, Grahame Bowland wrote:
> > On 26/2/06 10:20 PM, "James Andrewartha" <trs80 at ucc.gu.uwa.edu.au> wrote:
> >> I was thinking IPSec or OpenVPN, I'm not sure whether terminating on
> >> madako or mooneye is the best plan (probably mooneye).
> > For the link, why not just use SSL-encrypted SMTP, running on the standard
> > secure SMTP port? It's really easy to get postfix to permit relaying based
> > on the SSL cert that the client has got. That's really all you need, and it
> > won't rely on some tunnel being up all the time.
>
> Mainly because I want to reject invalid users at rcpt.to time. There will
> be a local SMTP server as a secondary MX that will then deliver via your
> method if the tunnel goes down at any point.
Incidentally, how are we going to do that? Mount /home/mail and run LDAP
over the tunnel?
I know almost nothing about such things and am enjoying this process
immensely.
David Adam
UCC Wheel Member, master of the desktops
zanchey@
More information about the tech
mailing list