Server Team 2007-11-20 meeting minutes
On Sat, 24 Nov 2007 13:52:11 -0500
Scott Kitterman <ubuntu@kitterman.com> wrote: > I think we need to either provide no plain text mechanisms or provide > TLS. Since the default setting for smtp_sasl_security_options > (noplaintext, noanonymous) will not allow plain text mechanisms > without TLS, then this is safe. For both dovecot and postfix, TLS is enabled by default in Ubuntu. > It would be better, if it's achievable, to set up TLS and allow plain > text (LOGIN and PLAIN) since between those two virtually all mail > clients are supported. Perhaps, at a minimum, check for TLS and if > it's enabled, add: > > postconf -e "smtp_sasl_security_options = noanonymous" > postconf -e "broken_sasl_auth_clients = yes" I was considering those two, but I really wanted minimum for a start... -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server Team 2007-11-20 meeting minutes
On Saturday 24 November 2007 15:11, Ante Karamatić wrote:
> On Sat, 24 Nov 2007 13:52:11 -0500 > > Scott Kitterman <ubuntu@kitterman.com> wrote: > > I think we need to either provide no plain text mechanisms or provide > > TLS. Since the default setting for smtp_sasl_security_options > > (noplaintext, noanonymous) will not allow plain text mechanisms > > without TLS, then this is safe. > > For both dovecot and postfix, TLS is enabled by default in Ubuntu. > > > It would be better, if it's achievable, to set up TLS and allow plain > > text (LOGIN and PLAIN) since between those two virtually all mail > > clients are supported. Perhaps, at a minimum, check for TLS and if > > it's enabled, add: > > > > postconf -e "smtp_sasl_security_options = noanonymous" > > postconf -e "broken_sasl_auth_clients = yes" > > I was considering those two, but I really wanted minimum for a start... I think that's reasonable for now, but we ought to get Plain and Login in there before Hardy's release. I think this option is a great one for people who aren't experienced Postfix admins and so it's be a bit of a suprise to them not to have these included. Scott K -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
Server Team 2007-11-20 meeting minutes
On Mon, 26 Nov 2007 10:00:14 -0500
Scott Kitterman <ubuntu@kitterman.com> wrote: > I think that's reasonable for now, but we ought to get Plain and > Login in there before Hardy's release. I think this option is a > great one for people who aren't experienced Postfix admins and so > it's be a bit of a suprise to them not to have these included. Those two options will be in Hardy, and 'Login' will be in dovecot's config before Hardy. I wouldn't do it without them :) -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam |
| All times are GMT. The time now is 06:00 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.