DaemonForums  

Go Back   DaemonForums > Miscellaneous > General software and network

General software and network General OS-independent software and network questions, X11, MTA, routing, etc.

Reply
 
Thread Tools Display Modes
Old 25th November 2008
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Thanked 8 Times in 8 Posts
Default

I talked with my friend who works for the company that hosts my website. He claimed that they had the secure protocols, but that I'd need a SSL certificate (which costs money). Is that correct?

Note: I'm not running an email site - the email account(s) for that site is just for my own use - i.e. myusername@mydomain.com
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 26th November 2008
Oko's Avatar
Oko Oko is offline
Fsck Surgeon
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 774
Thanked 36 Times in 32 Posts
Default

Quote:
Originally Posted by JMJ_coder View Post
I talked with my friend who works for the company that hosts my website. He claimed that they had the secure protocols, but that I'd need a SSL certificate (which costs money). Is that correct?

Note: I'm not running an email site - the email account(s) for that site is just for my own use - i.e. myusername@mydomain.com
Yes. Third party SSL certificate is not free.
Reply With Quote
Old 12th February 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Thanked 8 Times in 8 Posts
Default

Quote:
Originally Posted by Oko View Post
The newest Mutt has built in SMTP so you do not need sandmail. The stable one doesn't have so you will need to configure sendmail to send mail to your IP mail server which will relay it further. I am not using Mutt so I do not know if it has built in support for downloading mails from POP3 and IMAP servers. If I have to guess I think it has it. If it doesn't have you will have to use fetchmail to get your mail from the remote mail server of your IP. You do want to use IMAP and SMTP only with TSL or SSL.

I would not use POP3 period.

Cheers,
OKO
Just following up. I've been configuring my email accounts this past couple weeks gearing up for my move to a new hosting company. I've played around with mutt, mutt-devel, postfix, fetchmail, procmail, etc.

Mutt-devel (and I think mutt-stable) support pop3(s) and imap(s). I'm sticking with mutt-devel because it supports imap header caching (and I'm going to use imaps with my new webhost). Using mutt's built in imap support, I don't need fetchmail and I can configure different mailboxes on the webhost's side, so I don't need procmail. (but they are both great programs to use - it was fun learning procmail's quirky format!)

Mutt-devel does support smtp(s), but it doesn't seem to work very well. I thought I'd be able to just use the one program and be done with it. I had to recompile postfix with sasl support (which isn't compiled in the postfix that comes with NetBSD). But, then I found ssmtp. It does what I need. I am not running a mail server. I have one specific need and that is to relay the mail from mutt and my computer to the smtp server of my webhost. Using postfix (or sendmail) is like using a crowbar to open a bottle cap. It's overkill for my application. Ssmtp works for what I need it to do.

So now my setup is mutt-devel (using it's own built-in imaps support) and ssmtp. Ssmtp works with gmail (a bugger to get to work right using any program!) using smtp over ssl and hopefully it will work with the stmp server of my new webhost (I should be making the switch this weekend - so we'll see).
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 12th February 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Thanked 8 Times in 8 Posts
Default

Is anyone here using pgp or gpg with email. I was going to install and try out pgp, but pkgsrc warned me that it used a fee-based commercial license. There's gpg, but I really can't stand GNU and try to avoid their software when possible.

I thought I might give it a go, not that I have any illusions of complete privacy, but it might keep the newbie crackers at bay (not that I send any top secret data through email ).
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 12th February 2009
Oko's Avatar
Oko Oko is offline
Fsck Surgeon
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 774
Thanked 36 Times in 32 Posts
Default

You can use OpenSSL (which is also GNU) or CGD which are the parts of the base of NetBSD to seriously encrypt email massages.

Cheers,
OKO
Reply With Quote
Old 12th February 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

Quote:
Originally Posted by Oko View Post
You can use OpenSSL (which is also GNU)
No it's not..

OpenBSD has 3 ports related to PGP:The first 2 ports simply prohibit commercial usage.. of any kind.
Reply With Quote
Old 12th February 2009
jb_daefo jb_daefo is offline
Package Pilot
 
Join Date: May 2008
Posts: 196
Thanked 5 Times in 5 Posts
Default

there is a new minimalistic mta in /usr/ports/mail/ within the
past couple of days.
...............
relevant to the post above... mutt-devel for some reason
does not build here. So I switched to mutt (plain)
...........
__________________
using /LOOKAT/ with /var/db/pkg files and portmaster/aliases/pipes/find/grep to meteorically speedup port upgrades/installs...
Reply With Quote
Old 12th February 2009
Oko's Avatar
Oko Oko is offline
Fsck Surgeon
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 774
Thanked 36 Times in 32 Posts
Default

Quote:
Originally Posted by BSDfan666 View Post
Sorry, I didn't check the licenses. I just remembered vaguely that that screw up with OpenSSL was due to Debian people so I assumed it was GNU.
Reply With Quote
Old 12th February 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Thanked 8 Times in 8 Posts
Default

Quote:
Originally Posted by jb_daefo View Post
there is a new minimalistic mta in /usr/ports/mail/ within the
past couple of days.
Does this new minimalistic MTA have a name?


Quote:
Originally Posted by jb_daefo View Post
...............
relevant to the post above... mutt-devel for some reason
does not build here. So I switched to mutt (plain)
...........
The only extra's that I'm aware of for my setup from mutt-stable (1.4) to mutt-devel (1.5) is builtin smtp support and header cache. Since the builtin smtp support didn't work for me (it failed in sasl authentication -- yes, cyrus-sasl was installed), the only other advantage is header cache.

Since the mailbox it is accessing gets a subscribed mailing, it has currently ~3700 messages. With the header cache it takes about 5 seconds to load, without about 2-3 minutes (every time). I tried the syntax set header_cache = ~/.mutt_cache in mutt-stable, but it claims it isn't supported. Does anyone know of a way to do that in mutt-stable - cache the IMAP headers for quick loading?
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 12th February 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Thanked 8 Times in 8 Posts
Default

Quote:
Originally Posted by BSDfan666 View Post
No it's not..

OpenBSD has 3 ports related to PGP:The first 2 ports simply prohibit commercial usage.. of any kind.
Which do you prefer?

After reading several online guides, it seems that at the present that gnupg is the way to go.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 12th February 2009
JMJ_coder JMJ_coder is offline
VPN Cryptographer
 
Join Date: May 2008
Posts: 464
Thanked 8 Times in 8 Posts
Default

Here's another mail related question: which mailbox format do you prefer? mbox and maildir seem to be the two most popular, but there are others.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14)
Reply With Quote
Old 13th February 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

Quote:
Originally Posted by Oko View Post
Sorry, I didn't check the licenses. I just remembered vaguely that that screw up with OpenSSL was due to Debian people so I assumed it was GNU.
That was a Debain maintainer issue, someone attempted to silence a warning produced by "Valgrind", unfortunately it inadvertently weakened the entropy pool.

Nobody noticed that it was generating the same 32,767 keys over and over again, rofl.
Reply With Quote
Old 13th February 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

Quote:
Originally Posted by JMJ_coder View Post
Which do you prefer?

After reading several online guides, it seems that at the present that gnupg is the way to go.
I have used the GNU implementation in the past, and while it is secure.. most people simply find it annoying or confusing.

At one point, I signed all my messages.. but it was tiresome trying to explain the "gibberish" to family and friends.

Nobody ever sent me super secret important encrypted emails either..

Do you work for the government? no? then you don't need such privacy.. just encrypt files using OpenSSL ..or another tool, whatever the recipient prefers even.
Reply With Quote
Old 13th February 2009
jb_daefo jb_daefo is offline
Package Pilot
 
Join Date: May 2008
Posts: 196
Thanked 5 Times in 5 Posts
Default

Quote:
Originally Posted by JMJ_coder View Post
Does this new minimalistic MTA have a name?



The only extra's that I'm aware of for my setup from mutt-stable (1.4) to mutt-devel (1.5) is builtin smtp support and header cache. Since the builtin smtp support didn't work for me (it failed in sasl authentication -- yes, cyrus-sasl was installed), the only other advantage is header cache.

Since the mailbox it is accessing gets a subscribed mailing, it has currently ~3700 messages. With the header cache it takes about 5 seconds to load, without about 2-3 minutes (every time). I tried the syntax set header_cache = ~/.mutt_cache in mutt-stable, but it claims it isn't supported. Does anyone know of a way to do that in mutt-stable - cache the IMAP headers for quick loading?
dragonfly mail agent. /mta/
__________________
using /LOOKAT/ with /var/db/pkg files and portmaster/aliases/pipes/find/grep to meteorically speedup port upgrades/installs...
Reply With Quote
Old 13th February 2009
jggimi's Avatar
jggimi jggimi is online now
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,710
Thanked 214 Times in 189 Posts
Default

Quote:
Originally Posted by BSDfan666 View Post
... most people simply find it annoying or confusing.
I'm in the confusing/annoying camp.

I experimented with gnupg. I still have it available, I just don't actively use it any more.

Why confusing? The whole ring-of-trust set up seems to be heavily embraced by a small group of people, and ignored by everyone else. You enroll in one or more of the global trust servers, but you're never sure exactly why you've done so, as it is still a self-certification.

Why Annoying? You get a signed e-mail from someone, and your MUA calls on it's known trust servers.... and you wait 10 seconds only to be told they could not be verified anyway. But then, it was an email to a public mailing list, which did not need to be authenticated in the first place.

[/quote]
Reply With Quote
Old 13th February 2009
phoenix's Avatar
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 699
Thanked 90 Times in 81 Posts
Default

Quote:
Originally Posted by JMJ_coder View Post
Here's another mail related question: which mailbox format do you prefer? mbox and maildir seem to be the two most popular, but there are others.
Don't use mbox unless you don't value your data.

mbox stores each "folder" as a single text file, with the messages all concatenated together. Deleted messages leave holes in the file, and only 1 process can be updating the file at a time. If a process crashed mid-update, you lose the whole "folder". Very slow as well, as the entire file needs to be read to generate the folder listing. Just don't use it!

maildir uses real folders for each mail folder, support sub-folders, and stores each message in individual files. Multiple processes can be updating folders, although only 1 process can update each file. You can multi-task properly (delete messages, create new messages, update messages). And you get much faster performance.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Qmail and setting IP of the sender... DNAeon FreeBSD Ports and Packages 5 6th November 2008 08:54 PM
Sendmail Timmy66 OpenBSD General 11 19th October 2008 03:01 PM
qmail scanner problem t4y4n FreeBSD General 1 5th August 2008 07:36 PM
sendmail vs qmail vs postfix vs exim graudeejs General software and network 6 22nd July 2008 03:25 PM
Sendmail, issues... pcfxer FreeBSD General 2 8th May 2008 10:07 AM


All times are GMT. The time now is 02:49 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick