Re: exim and relaying -- for ONE user

To: debian-user@lists.debian.org
Subject: Re: exim and relaying -- for ONE user
From: will trillich <will@serensoft.com>
Date: Tue, 4 Feb 2003 05:24:56 -0600
Message-id: <[🔎] 20030204112456.GA4840@mail.serensoft.com>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20030204025850.GD8241@dragon.kitenet.net>
References: <20030129173035.GA17053@mail.serensoft.com> <[🔎] 20030204025850.GD8241@dragon.kitenet.net>

On Mon, Feb 03, 2003 at 09:58:50PM -0500, Joey Hess wrote:
> will trillich wrote:
> > is there some way to further restrict the relaying? i DO NOT
> > want any black hats turning my server into spam-o-rama.
> > ideas welcome.
> 
> As an alternative to the SMTP auth stuff proposed by others, I
> suggest you just set up TLS and use certificate based
> authentication. It works like this:
> 
> Your friend sets up his mail client to use TLS for outgoing
> mail and relay through your server. You set up your server to
> support TLS for incoming mail (at least). Your friend
> generates a SSL certificate and private key for his mail
> server to use, and sends you the certificate.  Then you set up
> your server to allow relaying for TLS connections set up using
> that certificate.

could you be a little less specific? (just kidding. ;)

"You set up your server to support TLS"... at which point i
start slamming the oven door on my head again.

and how does he generate such a certificate? (he's using
microso~1 outhouse, of course.)

aside from "apt-get install exim-tls" there must be much
handwaving to do. i've even dragged my eyeballs over
engelschall's mod_ssl documentation (it's for apache, but the
concepts are no doubt similar) for hours and hours and it reads
as doctoral level stuff to my third-grade education, as clear as
trying to read wiles' proof of fermat's last theorem.

> I have a setup like this for all of my laptops and other
> devices on dynamic or varying IP addresses; each computer has
> its own certificate, and uses exim; my server uses postfix
> which is easy to set up to allow relaying based on SSL
> certificates.

i'd like to stay with exim -- i think -- after having invested
this much in getting it to do as much as it does. :)

your situation sounds like exactly what i'm looking for. if i
can find the right shoehorn to cram that ssl stuff into my
brain, i might be able to move forward.

-- 
I use Debian/GNU Linux version 3.0;
Linux server 2.4.20-k6 #1 Mon Jan 13 23:49:14 EST 2003 i586 unknown

DEBIAN NEWBIE TIP #116 from Karsten M. Self <kmself@ix.netcom.com>
:
Wondering WHICH PACKAGE IS USING UP ALL YOUR DISK SPACE?
You can verify a package's installed size with the dpkg -s command:
	dpkg -s <package>
And the following script will grab all your installed packages and show
their installed size, sorted and ranked by size:
	#!/bin/sh
	PATH=/bin:/usr/bin
	time dpkg --get-selections |
	grep '	install' |
	awk '{print $1}' |
	xargs -n 1 dpkg -s |
	egrep '^(Package|Installed-Size):' |
	awk '{printf( "%s:  ", $2 ); getline; printf( "%s\n", $2 )}' |
	sort -k2nr |
	cat -n=20

Also see http://newbieDoc.sourceForge.net/ ...

Reply to:

Follow-Ups:
- Re: exim and relaying -- for ONE user
  - From: Joey Hess <joeyh@debian.org>

References:
- Re: exim and relaying -- for ONE user
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: reportbug wishlist
Next by Date: Perl Modules and CPAN
Previous by thread: Re: exim and relaying -- for ONE user
Next by thread: Re: exim and relaying -- for ONE user
Index(es):
- Date
- Thread