secure lmtp connection between sendmail and cyrus
Marcus Schopen
lists at localguru.de
Sun Feb 16 13:08:40 EST 2014
Am Sonntag, den 16.02.2014, 00:43 +0100 schrieb Marcus Schopen:
> Am Samstag, den 15.02.2014, 18:56 +0100 schrieb Marcus Schopen:
> > Hi,
> >
> > I'm looking for a secure and stable way to connect sendmail (8.14.4) and
> > cyrus (2.4.12) in case of both hosts not running on the same machine or
> > in the same local secure subnet.
> >
> > What is a practical way? An openvpn (tcp or udp?) connection between
> > sendmail and cyrus and starting lmtpd with -a option at the tunnel's
> > end?
> >
> > Or a LMTPs connection with LMTP_AUTH, but couldn't find any good example
> > configs how to configure sendmail to use LMTP_AUTH und TLS to talk to
> > cyrus.
>
> LMTP_AUTH connections via access
>
> # client AUTH
> AuthInfo:IP "I:testuser" "P:test
>
> and put testuser to lmtp_admins on cyrus side
> lmtp_admins: testuser
>
> But this is still not secure of course. Would a openvpn or tinc tunnel
> be faster instead of a LMTPs connection?
TLS for lmtp connections between sendmail and cyrus seems to work out of
the box as soon as tls_cert_file, tls_key_file and tls_ca_file are set
on cyrus side and sendmail is configured with starttls and sasl. Nice!
But question is still if a permanent openvpn tunnel to an lmtpd started
with -a is faster than an authentication and starting tls for each
incoming email?
Ciao!
More information about the Info-cyrus
mailing list