Josh Trutwin writes:
> The MTA is qmail, I've found this to be what looks like the most
> maintained patch for STARTTLS SMTP: http://inoa.net/qmail-tls/

Don't use that.  See my last post about security.  Compile something
insecure like OpenSSL into qmail and you'll make it as secure as Sendmail.

> I've also thought about doing SMTP over stunnel, I guess you can also
> implement STARTTLS with a patch to stunnel as well.

Using stunnel or sslserver (both use OpenSSL) is much better than compiling
SSL into qmail.  sslserver might work better as it has all the tcpserver
features.  That method will work fine with Outlook Express.

> Anyone have any
> suggestions for STARTTLS and qmail?

Until Dan Bernstein writes an SSL implementation, don't do it.

> The only thing I think I am missing is APOP and SPF support.  Do
> people use these?

This checkpassword implementation claims to support APOP.  Personally, I
wouldn't worry about it, as anyone who cares will likely be using SSL:

http://checkpw.sourceforge.net/checkpw/

> SPF seems to be a hot topic, at least on the qmail
> list.  Any thoughts?

If you haven't already read this, do so now:

http://cr.yp.to/qmail/antispam.html

Understand that most people who talk about spam don't really know how it
works.

> I'm currently in the works on a huge html
> document to describe step-by-step how to set up the above with qmail.
> I'll share with the list when I'm done.

There are several of those out there already.  Make sure you follow the
"Life with qmail" method, post it to the qmail mailing list and you might
get some good feedback.

> Lastly, am I correct in assuming that ESMTP is the same as SMTP AUTH?

No.  ESMTP is a string used by an SMTP server's initial greeting that
indicates it supports SMTP Service Extensions (i.e. it supports EHLO).  SMTP
AUTH is only one extension.

http://cr.yp.to/smtp/greeting.html
http://www.ietf.org/rfc/rfc1869.txt

-- 
David Phillips <david at acz.org>
http://david.acz.org/


_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list
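
The ESMTP versus SMTP AUTH distinction from the reply above, as an added example that is not part of the original message: the greeting check and the EHLO extension parser are separate steps, and AUTH shows up only as one keyword among the extensions. The host name and the session text are constructed sample data, and the function names are hypothetical.

```python
import re

# Constructed sample session (not captured from a real server).
GREETING = "220 mail.example.org ESMTP"
EHLO_REPLY = (
    "250-mail.example.org\r\n"
    "250-PIPELINING\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH LOGIN PLAIN CRAM-MD5\r\n"
    "250 8BITMIME\r\n"
)

def greeting_says_esmtp(greeting):
    """True if the 220 greeting line carries the ESMTP token."""
    m = re.match(r"220[ -](.*)", greeting.strip())
    return bool(m) and "ESMTP" in m.group(1).split()

def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a 250 reply to EHLO (RFC 1869)."""
    lines = [l for l in reply.split("\r\n") if l]
    if not lines:
        raise ValueError("empty reply")
    exts = {}
    for i, line in enumerate(lines):
        m = re.fullmatch(r"250([ -])(.*)", line)
        if not m:
            raise ValueError(f"not a 250 reply line: {line!r}")
        is_last = i == len(lines) - 1
        # "250-" marks a continuation line, "250 " marks the final line.
        if (m.group(1) == " ") != is_last:
            raise ValueError(f"misplaced continuation marker: {line!r}")
        if i == 0:
            continue  # first line is the server's domain, not an extension
        words = m.group(2).split()
        if not words:
            raise ValueError("extension line without a keyword")
        exts[words[0].upper()] = words[1:]
    return exts

if __name__ == "__main__":
    print("greeting advertises ESMTP:", greeting_says_esmtp(GREETING))
    for keyword, params in parse_ehlo(EHLO_REPLY).items():
        print(keyword, params)
```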