[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian offering stunnel/OpenVPN capabilities? [Was: Re: Restrictive SMTP server]

On Tue, Mar 15, 2005 at 01:04:53PM +0100, Jesus Climent wrote:
> > > 
> > > I'm willing to provide an OpenVPN tunnel to an SMTP server for any DD who is
> > > unable to find alternate lodgings, and I'm pretty sure I'm not the only one.
> > 
> > I can offer something as well - I would probably lean towards just
> > auth+ssl instead of over VPN, but it's up to you.  I just don't happen
> > to have a VPN set up yet, so it's less ovrhead for me :)
> Could we think on some stunnel or OpenVPN feature under
> people.debian.org/other machine to get mail from debian.org routed to the
> outside world?
> With stunnel, a level3 of authentication would be needed, so that the server
> gets a client certificate and the client gets a server one. With the
> combination of both, one can connect to, say, port 25025 and get a proper
> postfix/exim SMTP server on the remote machine.
> I have been dealing with a similar configuration and seems to be working fine
> so far.

Forgot to mention that the way to get those certs in the server machine would
be using your gpg-signed certificate in combination with whichever way of
sending an email you have.

Jesus Climent                                      info:www.pumuki.org
Unix SysAdm|Linux User #66350|Debian Developer|2.6.10|Helsinki Finland
GPG: 1024D/86946D69 BB64 2339 1CAA 7064 E429  7E18 66FC 1D7F 8694 6D69

When you dance with the devil, you wait for the song to stop.
		--Barry the Baptist (Lock, Stock and Two Smoking Barrels)

Reply to: