From owner-freebsd-questions Wed Sep 22 17:15: 1 1999 Delivered-To: freebsd-questions@freebsd.org Received: from wanadoo.fr (smtp-out-001.wanadoo.fr [193.252.19.68]) by hub.freebsd.org (Postfix) with ESMTP id 2244D14BC8 for ; Wed, 22 Sep 1999 17:14:53 -0700 (PDT) (envelope-from arkel@phear.org) Received: from erik@BRouen-1-1-204.abo.wanadoo.fr [193.250.17.204] by wanadoo.fr for Paris Thu, 23 Sep 1999 02:14:49 +0200 (MET DST) Message-ID: <37E98CE9.3702E120@phear.org> Date: Thu, 23 Sep 1999 04:14:01 +0200 From: Erik de Zeeuw X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.2.9-27mdk i686) X-Accept-Language: fr, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Mail server questions ( long post, you've been warned :) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi to all FreeBSD users, I'm once again asking for help on the freebsd-questions precious list :) This is a long post, and I apology for this. Feel free to stop reading and flame me if you don't want to hear about me and my questions :) I'm setting up a mail server. For now, it just has to be a small one, for ~50 users, but it will soon be pretty busy, with a lot more users ( ~200 minimum, but an explosion is possible if we decide to give a free e-mail to each of our customers :). Of course, those users are roaming ones, thus adding complexity in setting up the mail server for relaying :) On the paper, and on my dreams, the users would be able to read their messages with imap, through an encrypted imap login. Of course the server should enable smtp relaying, but only for those users. This can be done with SMTP-authentification ( users giving login/password before sending messages ), in which case that should be encrypted. As not all clients supports smtp-authentication and ssl/tls encryption, this can also be done with pop-before-smtp. This means having a daemon look at syslog for successfull pop/imap logging, and managing a table with those ip so that the smtp server could look if it matches the ips requesting smtp relay. Of course, the users shouldn't be some "real" users on the server, just virtual mail-only users. And of course once again, these users would be very happy to benefits from a web based mail reading/sending, with of course SSL encryption on this. I know this sounds like impossible, but I searched to get some tools to do all of the above, and I've found these ones : - PostFix, http://www.postfix.org. It's a "young" software, but it has some nice features, and some more interesting features are coming. PostFix takes place of Sendmail. It has a nice patch to do SMTP authentication ( users send a login/password to enable relaying on the server, which does not relay anything without l/p ). And it has another nice patch to do SSL/TLS encryption. So Postfix will soon be able to use encrypted smtp-authentification for users to be able to get their messages relayed, as soon as both patches works together :) The pop-before-smtp can be done with Postfix. this requires some modification both in postfix source, and in imap server source, but this can be done. I found DRAC (http://mail.cc.umanitoba.ca), and someone pointed me WHOSON (hhtp://www.average.org), but there is also some scripts and a patch to Postfix that can do that. - Cyrus IMAP (http://asg.web.cmu.edu/cyrus/imapd/). I didn't succeed for now in making this work as I want to ( making users only known from the imap server ). Cyrus seems to have some nice features, although I've some troubles to understand how their SASL library work :) imap-uw is an alternative, but it is not as secure as Cyrus, although it works out of the tarball. But it lacks the virtual users stuff I would like. Both of the imap servers have been reported to work with ssl encryption, using tools such as SSLwrap (http://www.rickk.com/sslwrap) or STunnel (http://mike.daewoo.com.pl/computer/stunnel). make an encrypted tunnel between the server and the client. - For the webmail, a recent edition of www.daemonnews.org had an article called "A Webmail solution using IMP", which I found very instructive, so i downloaded that IMP software from http://www.horde.org/imp/. That sounds good and this will be my first try with setting up webmail. So at the end, my dream have a little taste of reality, but leads to some question to the gurus out there :)) If you already configured one or more things that I talk about, I would be glad to hear from you. May be there's some other tools, or simply some other way to do what i want, and that i would be glad to know about. All of this might not be necessary, and I would also be glad to hear about other simpler solutions to make things approaching what I describe. After all, sendmail+pop is not so bad ;) So thanks for reading this loong post, and feel free to give me the clues you have, or simply to flame me back for writing so much ! :) The last thing is that as I'm moving from an e-mail to another, I stopped my subscription to this list, so it would be nice to make a CC to me if you reply to the list. Thanks. Erik de Zeeuw, arkel@phear.org erik.dezeeuw@wanadoo.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message