Date: Mon, 11 Jun 2001 22:29:37 -0700 From: Alex Zepeda <jazepeda@pacbell.net> To: Dan Langille <dan@langille.org> Cc: chat@freebsd.org Subject: Re: MTA authentications Message-ID: <20010611222937.A2921@zippy.mybox.zip> In-Reply-To: <Pine.BSF.4.21.0106121617410.98765-100000@lists.unixathome.org>; from dan@langille.org on Tue, Jun 12, 2001 at 04:20:50PM %2B1200 References: <p05100306b749ddc2c10f@[194.78.241.123]> <Pine.BSF.4.21.0106121617410.98765-100000@lists.unixathome.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 12, 2001 at 04:20:50PM +1200, Dan Langille wrote: > I don't ever remember setting up a certificate. Where should I be > looking? Well you'll need to generate one. Ususally it's a good idea to get the requisite info from a Certificate Agency (again VeriSign comes to mind, but there *are* others) otherwise you can generate that yourself. You then feed it to OpenSSL to generate something that your MTA will understand. Then you should tweak the m4 stuff for sendmail and regenerate your configuration files, etc. Me, I like postfix which tends to be much simpler. > Hmmm, I think that's the option for me. Anyone know what I should be > looking for? Check thru the m4 templates. > Please explain to me how having a certificate will make me more secure. With this host at least, it will allow you to use TLS to encrypt traffic between the two hosts. The obvious advantage is that your message can't be deciphered easily. This is more of an advantage if you're using some insecure method of SMTP authentication (PLAIN/LOGIN and/or NTLM, and to some extent CRAM-MD5 too). In general the certificate (when signed by a notable, and trustworthy CA) will allow the other end to verify who you are. Think of it as a public/private key pair. - alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010611222937.A2921>