Does anyone have any experience printing with CUPS via SSL? I need to
print across the internet so I need the data to be transmitted via
SSL. I know CUPS supports SSL, but I can't find any information on
making it work. This guys has the same problem:
My ISP (Cox) blocks outgoing port 25 so I can't submit mail to my
remote mail server. From what I understand, port 587 is commonly used
to get around this. Can I have postfix listen on port 25 and port
587? Has anyone set that up?
- Grant
--
gentoo-user@lists.gentoo.org mailing list
02-17-2008, 04:22 PM
Willie Wong
SSL CUPS and SMTP on port 587
On Sun, Feb 17, 2008 at 07:18:00AM -0800, Penguin Lover Grant squawked:
> My ISP (Cox) blocks outgoing port 25 so I can't submit mail to my
> remote mail server. From what I understand, port 587 is commonly used
> to get around this. Can I have postfix listen on port 25 and port
> 587? Has anyone set that up?
I do it slightly differently: I leave an SSH connection from my box to
the mail server, which maps some local port to port 25 on the mail
server, and send all my mail to the local port.
HTH,
W
--
"`Incidentally,' he said, `what does teleport mean?'
Another moment passed.
Slowly, the others turned to face him.
`Probably the wrong moment to ask,' said Arthur, `It's just
I remember you use the word a short while ago and I only
bring it up because...'
`Where,' said Ford quietly, `does it say teleport?'
`Well, just over here in fact,' said Arthur, pointing at a
dark control box in the rear of the cabin, `Just under the
word "emergency", above the word "system" and beside the
sign saying "out of order".'"
- Arthur finding an escape route from a certain death
situation.
Sortir en Pantoufles: up 436 days, 15:48
--
gentoo-user@lists.gentoo.org mailing list
02-17-2008, 04:28 PM
Grant
SSL CUPS and SMTP on port 587
> > My ISP (Cox) blocks outgoing port 25 so I can't submit mail to my
> > remote mail server. From what I understand, port 587 is commonly used
> > to get around this. Can I have postfix listen on port 25 and port
> > 587? Has anyone set that up?
>
> I do it slightly differently: I leave an SSH connection from my box to
> the mail server, which maps some local port to port 25 on the mail
> server, and send all my mail to the local port.
Yeah I think I'll do that if port 587 doesn't work out. From what I
understand, using 587 in this way is somewhat of a standard?
- Grant
> HTH,
>
> W
--
gentoo-user@lists.gentoo.org mailing list
02-17-2008, 06:51 PM
kashani
SSL CUPS and SMTP on port 587
Grant wrote:
My ISP (Cox) blocks outgoing port 25 so I can't submit mail to my
remote mail server. From what I understand, port 587 is commonly used
to get around this. Can I have postfix listen on port 25 and port
587? Has anyone set that up?
I do it slightly differently: I leave an SSH connection from my box to
the mail server, which maps some local port to port 25 on the mail
server, and send all my mail to the local port.
Yeah I think I'll do that if port 587 doesn't work out. From what I
understand, using 587 in this way is somewhat of a standard?
In your master.cf uncomment the following lines and then restart
Postfix. It should just work if you already have TLS setup.
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
kashani
--
gentoo-user@lists.gentoo.org mailing list
02-17-2008, 07:24 PM
Grant
SSL CUPS and SMTP on port 587
> >>> My ISP (Cox) blocks outgoing port 25 so I can't submit mail to my
> >>> remote mail server. From what I understand, port 587 is commonly used
> >>> to get around this. Can I have postfix listen on port 25 and port
> >>> 587? Has anyone set that up?
> >> I do it slightly differently: I leave an SSH connection from my box to
> >> the mail server, which maps some local port to port 25 on the mail
> >> server, and send all my mail to the local port.
> >
> > Yeah I think I'll do that if port 587 doesn't work out. From what I
> > understand, using 587 in this way is somewhat of a standard?
>
> In your master.cf uncomment the following lines and then restart
> Postfix. It should just work if you already have TLS setup.
>
> smtps inet n - n - - smtpd
> -o smtpd_tls_wrappermode=yes
>
> kashani
I uncommented the above line and added the following to main.cf:
and restarted postfix, but I still can't send. In claws-mail, I tried
specifying 587 and I'm specifying Use SSL for SSMTP. I'm guessing TLS
isn't set up properly?
- Grant
--
gentoo-user@lists.gentoo.org mailing list
02-17-2008, 07:48 PM
Grant
SSL CUPS and SMTP on port 587
> > >>> My ISP (Cox) blocks outgoing port 25 so I can't submit mail to my
> > >>> remote mail server. From what I understand, port 587 is commonly used
> > >>> to get around this. Can I have postfix listen on port 25 and port
> > >>> 587? Has anyone set that up?
> > >> I do it slightly differently: I leave an SSH connection from my box to
> > >> the mail server, which maps some local port to port 25 on the mail
> > >> server, and send all my mail to the local port.
> > >
> > > Yeah I think I'll do that if port 587 doesn't work out. From what I
> > > understand, using 587 in this way is somewhat of a standard?
> >
> > In your master.cf uncomment the following lines and then restart
> > Postfix. It should just work if you already have TLS setup.
> >
> > smtps inet n - n - - smtpd
> > -o smtpd_tls_wrappermode=yes
> >
> > kashani
>
> I uncommented the above line and added the following to main.cf:
>
> smtpd_tls_security_level = may
>
> as instructed here:
>
> http://www.postfix.org/TLS_README.html#server_enable
>
> and restarted postfix, but I still can't send. In claws-mail, I tried
> specifying 587 and I'm specifying Use SSL for SSMTP. I'm guessing TLS
> isn't set up properly?
>
> - Grant
Also I can see with nmap that smtps 465 is open and 587 is not. No
luck specifying 465 in claws-mail though.
- Grant
--
gentoo-user@lists.gentoo.org mailing list
02-17-2008, 08:35 PM
kashani
SSL CUPS and SMTP on port 587
Grant wrote:
I uncommented the above line and added the following to main.cf:
and restarted postfix, but I still can't send. In claws-mail, I tried
specifying 587 and I'm specifying Use SSL for SSMTP. I'm guessing TLS
isn't set up properly?
You need more than that. My /etc/postfix/main.cf looks like this and
you'll need to create the actual certs listed below as well. I recommend
smtpd_tls_auth_only so that anyone trying to smtp auth is required to do
it over an encrypted session.
Additionally check to see what port Postfix is listening on. It's on
port 465 on my server and you'll need to set your mail client to SSL
rather than TLS.
kashani
--
gentoo-user@lists.gentoo.org mailing list
02-17-2008, 09:37 PM
Grant
SSL CUPS and SMTP on port 587
> > I uncommented the above line and added the following to main.cf:
> >
> > smtpd_tls_security_level = may
> >
> > as instructed here:
> >
> > http://www.postfix.org/TLS_README.html#server_enable
> >
> > and restarted postfix, but I still can't send. In claws-mail, I tried
> > specifying 587 and I'm specifying Use SSL for SSMTP. I'm guessing TLS
> > isn't set up properly?
>
> You need more than that. My /etc/postfix/main.cf looks like this and
> you'll need to create the actual certs listed below as well. I recommend
> smtpd_tls_auth_only so that anyone trying to smtp auth is required to do
> it over an encrypted session.
>
> # TLS stuff
> smtpd_tls_security_level = may
> smtpd_tls_auth_only = yes
> smtpd_tls_key_file = /etc/postfix/newkey.pem
> smtpd_tls_cert_file = /etc/postfix/newcert.pem
> smtpd_tls_CAfile = /etc/postfix/cacert.pem
> #smtpd_tls_loglevel = 3
> #smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> tls_random_source = dev:/dev/urandom
>
> Additionally check to see what port Postfix is listening on. It's on
> port 465 on my server and you'll need to set your mail client to SSL
> rather than TLS.
Thank you kashani. Now I'm getting "Relay access denied". I've been
sending via squirrelmail running on the same server so I need to make
an adjustment. What I'd like to do is allow relaying for any
authenticated smtp client but I don't see any option for that in the
main.cf comments. I tried adding "grant" to the postdrop group with
no luck.
SSL CUPS and SMTP on port 587
