Scalix Forums

Skip to content

Mail Gateway to Scalix - forced SMTP over SSL?

Discuss the Scalix Server software

Moderators: ScalixSupport, admin

Post Reply
hubersan

Mail Gateway to Scalix - forced SMTP over SSL?

Postby hubersan » Thu Nov 02, 2006 4:36 pm

I've been through the doc in the solutions to implement SMTPS with stunnel.. that much is easy. What I'm trying to do is make sure that my mail gateway (at a hosting provider) talks encrypted SMTP to my Scalix (at home) all the time:

Internet <--> MX gateway <--> Scalix

The MX gateway is running a lot of things, but the base is Sendmail 8.13.1. I've found a doc (http://www.brandonhutchinson.com/Using_TLS_with_Sendmail.html) that talks about forcing sendmail to use TLS on certain hosts, but I have the feeling that's not what I want, since TLS isn't an option on Scalix. Also, as it's server to server traffic, I'd think that SMTP auth isn't what I want anyway.

I'm certainly not trying to re-invent the wheel here, so please don't flame me for not understanding.. :)
Top
btisdall
Scalix Star
Scalix Star
Posts: 373
Joined: Tue Nov 22, 2005 12:13 pm
Contact:
Contact btisdall

Postby btisdall » Thu Nov 02, 2006 7:08 pm

One quite simple option here would be to configure the Scalix SMTP relay to listen on port 587 for authenticated users, whilst letting sendmail listen for connections from your mailhost on port 25 using STARTTLS.
Ben Tisdall
www.redcircleit.com
London
Top
hubersan

But...

Postby hubersan » Thu Nov 02, 2006 8:13 pm

But everything I've seen so far says that STARTTLS isn't supported on Scalix - hence why you need to use stunnel...? Or did I completely miss your point?
Top
btisdall
Scalix Star
Scalix Star
Posts: 373
Joined: Tue Nov 22, 2005 12:13 pm
Contact:
Contact btisdall

Re: But...

Postby btisdall » Thu Nov 02, 2006 9:24 pm

hubersan wrote:But everything I've seen so far says that STARTTLS isn't supported on Scalix - hence why you need to use stunnel...? Or did I completely miss your point?


You did, but perhaps it was not well made... :-)

STARTTLS isn't supported by Scalix in so far as it isn't implemented by the SMTP relay component of the server, but it is by sendmail, another integral part of the system. When you install Scalix sendmail.cf is modified to include the rules necessary for sendmail to deliver messages to Scalix recipients, so what you can do is:

    Configure sendmail to listen on the external interface.

    Configure the SMTP relay to listen on port 587 & restart it.

    Restart sendmail.

    Use sendmail for your mail transfers on port 25 with STARTLS.

    Use the SMTP relay for authenticated submission from your users on port 587. You could then add stunnel to this.


HTH.
Ben Tisdall

www.redcircleit.com

London
Top
Post Reply

Return to “Scalix Server”



Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB® Forum Software © phpBB Limited
 

 

cron