Autor: Odhiambo Washington Data: Para: Tamas TEVESZ CC: Exim Users Asunto: Re: [Exim] Help with SMTP AUTH
* Tamas TEVESZ <ice@???> [20010829 09:31]: writing on the subject 'Re: [Exim] Help with SMTP AUTH' | On Wed, 29 Aug 2001, Odhiambo Washington wrote:
|
| > SMTP AUTH with TLS/SSL:
| >
| > A strong point has been made for this. From my 'personal' inference, it
| > would appear that a case has been made that it's the best
| > implementation. The only limitation to it would be the certificates issue,
| > which seems to draw mixed reactions.
|
| you don't HAVE TO use certs for client identification. you however CAN
| use certs for client identification. this is a big difference.
I was referring to locally generated certs. Someone mentioned on this very
thread, actually Dave C:
"If you mean locally generated ones, good luck getting clients (the
program kind) to accept them.."
I've not ventured into the world of Verisign and such like but I hear they
are expensive piece of coded certs. Now I'm not sure my boss will agree to
invest on them at the moment, while it's also apparent that locally
generated ones are another hustle....as Dave says.
|
| > TWO different passwords, one for dialup and one for POP3. I cannot enforce
|
| have the same. i learned a friend of mine did something like ${lookup
| radius{ for exim :> dunno how complete or usable though.. all you have
| to do now is pop in a radius auth module in courier (if there's not
| one already) and your clients have only one password that takes them
| everywhere. and, as an added bonus, it doesn't cause you admin
| headache.
In my case, the Radius server is a proprietary software from Extent.com
called RBS and it runs only on Linux! I've never had a psyche for Linux
and so whatever I mangle runs on FreeBSD. I let my colleague run the Linux
box (Oracle+RBS). Importing this would be a nightmare to me because I
have no experience with a db implementation yet. First I'll have to run
Oracle (on FreeBSD - it's never straightforward like it is on
Linux) then do a lookup from the Oracle db for the usernames/passwds
I also run a simplish POP3 Server - popa3d. So you see why I have to stick
to simplistic implementations ;-)