Email improvements
Just added TLS to my mail server and whilst I was at it, SASL AUTH (via dovecot). The latter was very easy, the former was also pretty simple after I read the big document 
I’m not authenticating clients via TLS – it’s possible, but SASL AUTH is a better solution for me (you don’t need to worry about generating unique certificates or distributing them).
Had to recompile up gnome mail-notification since they’ve not read or understood OpenSSL and GPL license incompatibility issues. Or rather, they’ve read about it, but then decided not to agree with the interpretation that people who have spent far longer on it have come to.
Shame really. I’ve heard [http://www.openldap.org/lists/openldap-devel/200802/msg00072.html unpleasant things about GnuTLS] (notably from the developers of OpenLDAP), since openssl is a library, if only it was released under LGPL this wouldn’t have been an issue. Some people have suggested trying to adopt Mozilla’s NSS instead. It looks like the open source community doesn’t have a high quality SSL library that can be used. Bugger.
Posted: April 7th, 2009 under Linux, Linux Rants, My setup, Work.
Comments: none
Write a comment