FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Server Development

 
 
LinkBack Thread Tools
 
Old 11-24-2007, 07:11 PM
Ante Karamatić
 
Default Server Team 2007-11-20 meeting minutes

On Sat, 24 Nov 2007 13:52:11 -0500
Scott Kitterman <ubuntu@kitterman.com> wrote:

> I think we need to either provide no plain text mechanisms or provide
> TLS. Since the default setting for smtp_sasl_security_options
> (noplaintext, noanonymous) will not allow plain text mechanisms
> without TLS, then this is safe.

For both dovecot and postfix, TLS is enabled by default in Ubuntu.

> It would be better, if it's achievable, to set up TLS and allow plain
> text (LOGIN and PLAIN) since between those two virtually all mail
> clients are supported. Perhaps, at a minimum, check for TLS and if
> it's enabled, add:
>
> postconf -e "smtp_sasl_security_options = noanonymous"
> postconf -e "broken_sasl_auth_clients = yes"

I was considering those two, but I really wanted minimum for a start...

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 11-26-2007, 02:00 PM
Scott Kitterman
 
Default Server Team 2007-11-20 meeting minutes

On Saturday 24 November 2007 15:11, Ante Karamatić wrote:
> On Sat, 24 Nov 2007 13:52:11 -0500
>
> Scott Kitterman <ubuntu@kitterman.com> wrote:
> > I think we need to either provide no plain text mechanisms or provide
> > TLS. Since the default setting for smtp_sasl_security_options
> > (noplaintext, noanonymous) will not allow plain text mechanisms
> > without TLS, then this is safe.
>
> For both dovecot and postfix, TLS is enabled by default in Ubuntu.
>
> > It would be better, if it's achievable, to set up TLS and allow plain
> > text (LOGIN and PLAIN) since between those two virtually all mail
> > clients are supported. Perhaps, at a minimum, check for TLS and if
> > it's enabled, add:
> >
> > postconf -e "smtp_sasl_security_options = noanonymous"
> > postconf -e "broken_sasl_auth_clients = yes"
>
> I was considering those two, but I really wanted minimum for a start...

I think that's reasonable for now, but we ought to get Plain and Login in
there before Hardy's release. I think this option is a great one for people
who aren't experienced Postfix admins and so it's be a bit of a suprise to
them not to have these included.

Scott K

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 
Old 11-26-2007, 07:27 PM
Ante Karamatić
 
Default Server Team 2007-11-20 meeting minutes

On Mon, 26 Nov 2007 10:00:14 -0500
Scott Kitterman <ubuntu@kitterman.com> wrote:

> I think that's reasonable for now, but we ought to get Plain and
> Login in there before Hardy's release. I think this option is a
> great one for people who aren't experienced Postfix admins and so
> it's be a bit of a suprise to them not to have these included.

Those two options will be in Hardy, and 'Login' will be in dovecot's
config before Hardy. I wouldn't do it without them

--
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam
 

Thread Tools




All times are GMT. The time now is 03:38 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org