[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robin Cornelius wrote: > >> Slightly different problem. Here I wanted to allow people from >> a.n.other network (thanks to a certain national telecoms provider's >> flexible service) >> to send via our SMTP relay. Of course they have dynamic IP >> addresses :( > > One option that may be excessivly complex is IPSEC (ip security) aka > Freeswan (but isn't that difficult in practice). More generally VPN solutions - yes a good idea, although freeswan specifically would require me to rebuild the kernel, not just sendmail, which is getting away from a quick and dirty solution for a fortnight. A simpler (to deploy quickly) solution in the same ilk would be to run stunnel or other SSL style client (openssh?) on the connecting PC's, but this is still further from the beaten track than I wanted to go for a quick fix. Possibly PPTP would be simpler to set up as a VPN solution also, since it has ready support on older Windows boxes. Anyway I will follow up using certficiates for ssmtp and other SSL connections, as I'm sure it should be configurable easily enough, otherwise they have wasted half the point o the technology. > As the client requires a certificate you can control who has > certificates and revoke if necessary and it is not ip address > dependent, compatible with linux as well as windows NT XP 2k (out of > the box) for the windows users (95/98 is problematic but not > impossible) and totaly mail client independent. Has anyone done freeswan to NT IPSEC recently? As I was wondering "how" compatible it is, as when I did IPSEC, knowing how to connect two disparate vendors systems reliably was the mark of genius. -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/tmq7GFXfHI9FVgYRAmXiAJ9mZSiLit6AOMO07TfzbupvQ9CMSgCfSJgV XhfFZI/GAp38EUjMa8qNhx8= =o+Kg -----END PGP SIGNATURE----- -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.