[Gllug] Sendmail, Firewalls, SSL...

Formi formi at blueyonder.co.uk
Wed Jun 26 12:10:06 UTC 2002 

On 26 Jun 2002, Mike Brodbelt wrote:

> On Tue, 2002-06-25 at 08:06, Formi wrote:
> > 
> > 
> >  Hello, 
> > 
> >  collection of questions for those with time and will.
> 
> Well, here's attempts at a couple :-)
> 
> >  I want to be able to have the mail passed through procmail, 
> >  but only for my domains and the server's owner accounts. 
> >  Not the normal POP3 users. Is that possible?
> 
> What's the IMAP server? You can do this, but how will depend partly on
> the IMAP server.

 It's the standard rh one, the UW Imap. 

> 
> The way I'd do it would be to have a class defined in your sendmail.cf
> that maps to a hash map, and then populate that with a list of the
> domains you want procmail processing for. You can then have sendmail
> select procmail as the local delivery agent for those addresses. It;s
> then procmail's job to perform final delivery. This may involve procmail
> invoking yet another helper program to perform final delivery, if the
> IMAP server uses a mailstore format that procmail doesn't understand
> (i.e. cyrus).


Could you provide an example?


> 
> Sendmail makes this sort of stuff relatively easy - you can have as many
> local delivery agents as you like, and set them all up to do different
> processing on the messages if you like.
> 
> >  Stupid Issue 3: The machine has only one nic, and a virtual eth1.
> >  Should I run all services on 127.0.0.1 or on the nic's ips?
> >  
> >  Right now I have a mixture and it works, but sendmail takes more
> >  time that what the other servers on other machines. 
> > 
> >  Issue 3: Fecthmail, when polling the imaps server tells me something
> >  Server Commonname Mismatch "localhost.localdomain != mail.mydomain.net" 
> >  but it works. It pops up during the ssl negotation.
> > 
> >  Where can I change that?
> 
> It's telling you the the common name presented in the IMAPS server's
> certificate did not match the DNS name of the machine. You'll probably
> need to regenerate the SSL cert to fix this. If it's a commercialy
> signed cert, this may cost....


  I guessed that one myself, I suppose I will have to find out how to 
 create those certificate.

 They are personal sites, at least the ones I want ssl for.

 I suppose I should have made myself clear, I'm being lazy and asking
 for the actual "implementation", like 

 type "ssl -c new.certificate"       # just an example.

 Thanks for the help 

-- 
				
    V   
   . .                              Formi		
    v 
   / \ GZ           MDK 8.2 ThinkPad 560E
  // \\/   
 /( _ )     Linux Registered User #235743
  ^   ^  	     	



-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list