Postfix docs Search Results:

Looking for ask in entire archive - Found 42 matches in 16 files
Showing results 1 - 16
Postfix Configuration Parameters, Feb 8 2008
smtpd_tls_ask_ccert
Ask a remote SMTP client for a client certificate. This information is needed for certificate based mail relaying with, for example, the permit_tls_clientcerts feature.
This is the most appropriate setting for public MX hosts, and is always used with opportunistic TLS encryption. The underlying cipherlist is specified via the tls_export_cipherlist configuration parameter, which you are strongly encouraged to not change. The default value of tls_export_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
configuration parameter, which you are strongly encouraged to not change. The default value of tls_low_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
configuration parameter, which you are strongly encouraged to not change. The default value of tls_high_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
With mandatory TLS encryption, require a trusted remote SMTP client certificate in order to allow TLS connections to proceed. This option implies "smtpd_tls_ask_ccert = yes".
To verify SMTP client certificates, see TLS_README for a discussion of the smtpd_tls_ask_ccert, smtpd_tls_req_ccert, and permit_tls_clientcerts

Postfix Configuration Parameters, Feb 8 2008
smtpd_tls_ask_ccert
Ask a remote SMTP client for a client certificate. This information is needed for certificate based mail relaying with, for example, the permit_tls_clientcerts feature.
This is the most appropriate setting for public MX hosts, and is always used with opportunistic TLS encryption. The underlying cipherlist is specified via the tls_export_cipherlist configuration parameter, which you are strongly encouraged to not change. The default value of tls_export_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
configuration parameter, which you are strongly encouraged to not change. The default value of tls_low_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
configuration parameter, which you are strongly encouraged to not change. The default value of tls_high_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
With mandatory TLS encryption, require a trusted remote SMTP client certificate in order to allow TLS connections to proceed. This option implies "smtpd_tls_ask_ccert = yes".
To verify SMTP client certificates, see TLS_README for a discussion of the smtpd_tls_ask_ccert, smtpd_tls_req_ccert, and permit_tls_clientcerts

Postfix Configuration Parameters, Feb 8 2008
smtpd_tls_ask_ccert
Ask a remote SMTP client for a client certificate. This information is needed for certificate based mail relaying with, for example, the permit_tls_clientcerts feature.
This is the most appropriate setting for public MX hosts, and is always used with opportunistic TLS encryption. The underlying cipherlist is specified via the tls_export_cipherlist configuration parameter, which you are strongly encouraged to not change. The default value of tls_export_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
configuration parameter, which you are strongly encouraged to not change. The default value of tls_low_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
configuration parameter, which you are strongly encouraged to not change. The default value of tls_high_cipherlist includes anonymous ciphers, but these are automatically filtered out if the server is configured to ask for client certificates. If you must always exclude anonymous ciphers, set "smtpd_tls_exclude_ciphers = aNULL". To exclude anonymous ciphers only when TLS is enforced, set "smtpd_tls_mandatory_exclude_ciphers = aNULL".
With mandatory TLS encryption, require a trusted remote SMTP client certificate in order to allow TLS connections to proceed. This option implies "smtpd_tls_ask_ccert = yes".
To verify SMTP client certificates, see TLS_README for a discussion of the smtpd_tls_ask_ccert, smtpd_tls_req_ccert, and permit_tls_clientcerts

Postfix TLS Support, Feb 8 2008
Note, that unless client certificates are used to allow greater access to TLS authenticated clients, it is best to not ask for client certificates at all, as in addition to increased overhead some clients (notably in some cases qmail) are unable to complete the TLS handshake when client certificates are requested.
To receive a remote SMTP client certificate, the Postfix SMTP server must explicitly ask for one (any contents of $smtpd_tls_CAfile
are also sent to the client as a hint for choosing a certificate from a suitable CA). Unfortunately, Netscape clients will either complain if no matching client certificate is available or will offer the user client a list of certificates to choose from. Additionally some MTAs (notably some versions of qmail) are unable to complete TLS negotiation when client certificates are requested, and abort the SMTP session. So this option is "off" by default. You will however need the certificate if you want to use certificate based relaying with, for example, the permit_tls_clientcerts feature. A server that wants client certificates must first present its own certificate. While Postfix 2.3 by default offers anonymous ciphers to remote SMTP clients, these are automatically suppressed when the Postfix SMTP server is configured to ask for client certificates.
/etc/postfix/main.cf: smtpd_tls_ask_ccert = yes # Postfix 2.3 and later smtpd_tls_security_level = may # Obsolete, but still supported smtpd_use_tls = yes
When TLS is enforced you may also decide to REQUIRE a remote SMTP client certificate for all TLS connections, by setting "smtpd_tls_req_ccert = yes". This feature implies "smtpd_tls_ask_ccert = yes". When TLS is not enforced, "smtpd_tls_req_ccert = yes" is ignored and a warning is logged.

Postfix Debugging Howto, Feb 8 2008
With Postfix version 2.1 and later you can ask Postfix to produce mail delivery reports for debugging purposes. These reports not only show sender/recipient addresses after address rewriting and alias expansion or forwarding, they also show information about delivery to mailbox, delivery to non-Postfix command, responses from remote SMTP servers, and so on.
If the problem goes away, then it is time to ask your vendor for help.

Postfix Address Rewriting, Feb 8 2008
With Postfix version 2.1 and later you can ask Postfix to produce mail delivery reports for debugging purposes. These reports not only show sender/recipient addresses after address rewriting and alias expansion or forwarding, they also show information about delivery to mailbox, delivery to non-Postfix command, responses from remote SMTP servers, and so on.

Postfix Address Rewriting, Feb 8 2008
With Postfix version 2.1 and later you can ask Postfix to produce mail delivery reports for debugging purposes. These reports not only show sender/recipient addresses after address rewriting and alias expansion or forwarding, they also show information about delivery to mailbox, delivery to non-Postfix command, responses from remote SMTP servers, and so on.

The Standard: Behind the Big Blue Wall, Feb 8 2008
Just over two years ago, Nick Donofrio, senior vice president for technology at IBM (IBM), received a surprise phone call from his boss, Louis Gerstner. The company's CEO had just read a New York Times article about an IBM developer who had released an e-mail program called SecureMailer, written in open-source code - freely distributed software that could be modified by anyone. Though he didn't phrase it this way, Gerstner was essentially calling to ask, "What the hell's going on here?"

SecurityPortal - Kurt's Closet: Postfix - the Sendmail replacement, Feb 8 2008
Ask Buffy

SecurityPortal - Postfix - The Sendmail replacement part II, Feb 8 2008
Ask Buffy

Venema aims to make network software safe, Feb 8 2008
Ask the Experts

Postfix Architecture Overview, Feb 8 2008
The scache(8) server maintains the connection cache for the Postfix smtp(8) client. When connection caching is enabled for selected destinations, the smtp(8) client does not disconnect immediately after a mail transaction, but gives the connection to the connection cache server which keeps the connection open for a limited amount of time. The smtp(8) client continues with some other mail delivery request. Meanwhile, any smtp(8) process can ask the scache(8) server for that cached connection and reuse it for mail delivery. As a safety measure, Postfix limits the number of times that a connection may be reused.

Postfix Installation From Source Code, Feb 8 2008
If the command produces compiler error messages, it may be time to search the web or to ask the postfix-users@postfix.org mailing list, but be sure to search the mailing list archives first. Some mailing list archives are linked from http://www.postfix.org/.

Postfix Connection Cache, Feb 8 2008
Meanwhile, any smtp(8) client process can ask the scache(8) server for that cached connection and reuse it for mail delivery.

Postfix Address Rewriting, Feb 8 2008
With Postfix version 2.1 and later you can ask Postfix to produce mail delivery reports for debugging purposes. These reports not only show sender/recipient addresses after address rewriting and alias expansion or forwarding, they also show information about delivery to mailbox, delivery to non-Postfix command, responses from remote SMTP servers, and so on.

Salon.com Technology | How Big Blue fell for Linux, Feb 8 2008

New Query: Rank by:
Search results by Webglimpse Advanced Site Search Engine