[clue-tech] secure mail
William
wlist-clue at kimballstuff.com
Tue Jan 10 13:56:38 MST 2006
Jason S. Friedman wrote:
>I host a mailserver (Postfix) from home for my own use. I
>set-up Squirrelmail and I connect via https from the
>office. Therefore, it seems that my password is secure,
>as well as the content of the messages as they pass from
>home to office and from office to home. If I send mail it
>passes securely from my browser to home, and then
>insecurely over port 25 to Qwest and beyond.
>
>My question is about sending mail from the office. Again,
>I want my password encrypted and I don't care about the
>content of the mail being encrypted. I'm having a hard
>time envisioning what's going on under-the-hood. I'm not
>running an open relay, so my SMTP servers requires the
>connecting party to be someone on the local LAN. SMTP
>(port 25) does not require a password, but would my
>password be sent over in the clear anyway? After sending
>mail the message gets written to a Sent folder, and a
>password would be required for that, I think?
>
>
You can use TLS and SMTP-AUTH over SSL with Postfix and Courier for
POP3, IMAP, and SMTP -- I do and it works beautifully (in my case, with
many virtual domains). In this case, the entire dialog between your
mail client (Thunderbird) and your server (Postfix) is encrypted; not
just the login, but the entire session.
Documentation for setting this up is somewhat disparate, but focus on
postfix.org and courier-mta.org. I'm in the middle of writing a very
detailed How-To (from new OS installation to finished product), but it
isn't ready to be shared yet (perhaps in the next few weeks). If I
finish before you reach solution, I'll offer my documentation again.
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list