From owner-freebsd-questions@FreeBSD.ORG Wed Jun 16 22:32:02 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A918016A4CE for ; Wed, 16 Jun 2004 22:32:02 +0000 (GMT) Received: from serv01.divms.uiowa.edu (serv01.divms.uiowa.edu [128.255.44.134]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5F1BA43D1F for ; Wed, 16 Jun 2004 22:32:02 +0000 (GMT) (envelope-from jdusek@cs.uiowa.edu) Received: from cs.uiowa.edu ([128.255.34.189]) by serv01.divms.uiowa.edu with id i5GMW0lQ020158 for ; Wed, 16 Jun 2004 17:32:00 -0500 (CDT) Message-ID: <40D0CA60.5020100@cs.uiowa.edu> Date: Wed, 16 Jun 2004 17:32:00 -0500 From: Jason Dusek Organization: University of Iowa User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040408 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <40D023A1.8090009@cs.uiowa.edu> <20040616140305.GD32001@millerlite.local.mark-and-erika.com> <20040616145305.GB15913@ei.bzerk.org> <40D081D1.1060606@mac.com> <16592.38955.399680.399710@jerusalem.litteratus.org> <20040616201347.GB29666@spamcop.net> <786347175.20040616153248@mygirlfriday.info> In-Reply-To: <786347175.20040616153248@mygirlfriday.info> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.37 Subject: Re: Mail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: jason-dusek@uiowa.edu List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jun 2004 22:32:02 -0000 I've decided to give Dovecot a shot. However, when I try to run it I get and error message: root # dovecot Fatal: Can't use SSL certificate /var/dovecot/ssl/certs/dovecot.pem: No such file or directory So I need to make some certs. However, there is no "make certs" for dovecot - so what exactly do I need to do? Do I just use openssl to make me some certificates and put them in the right places Or are there some fine points to making appropriate certificates? -- -- Jason Dusek ("`-''-/").___..--''"`-._ -- | `6_ 6 ) `-. ( ).`-.__.`) -- | (_Y_.)' ._ ) `._ `. ``-..-' -- | _..`--'_..-_/ /--'_.' ,' -- | (il),-'' (li),' ((!.-' -- Gary wrote: > Hi Jim, > > On Wed, 16 Jun 2004 16:13:47 -0400 UTC (6/16/2004, 3:13 PM -0500 UTC my > time), Jim Trigg wrote: > > > J> Postfix and Exim. I found no security advisories for either on the CERT > J> website; that actually covers their entire lifecycles. > > Postfix: Actually IIRC, there were two, but could only find one in a short > time of checking. > > Postfix versions before 1.1.12 allow an attacker to bounce-scan private > networks, or use the daemon as a DDoS tool by forcing the daemon to connect > to an arbitrary service at an arbitrary IP address and receiving either a > bounce message or by analyzing timing. The Common Vulnerabilities and > Exposures project (cve.mitre.org) has assigned the name CAN-2003-0468 to > this issue. > > Postfix versions from 1.1 up to and including 1.1.12 have a bug where a > remote attacker could send a malformed envelope address and: > also > http://www.net-security.org/advisory.php?id=2327 > > > EXIM > > http://www.guninski.com/exim1.html > > or http://www.icetalk.com/Exim-N2588.html same as http://secunia.com/advisories/11558/ > > and http://www.spinics.net/lists/security/msg01343.html > > >