CVS commit: pkgsrc/mail/qmail/files

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/mail/qmail/files
From: "Amitai Schleier" <schmonz%netbsd.org@localhost>
Date: Mon, 2 Nov 2020 10:43:55 +0000

Module Name:    pkgsrc
Committed By:   schmonz
Date:           Mon Nov  2 10:43:55 UTC 2020

Modified Files:
        pkgsrc/mail/qmail/files: README.tls

Log Message:
Reorder and clarify TLS setup instructions.


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/qmail/files/README.tls

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/mail/qmail/files/README.tls
diff -u pkgsrc/mail/qmail/files/README.tls:1.1 pkgsrc/mail/qmail/files/README.tls:1.2
--- pkgsrc/mail/qmail/files/README.tls:1.1      Tue Aug 20 02:38:04 2019
+++ pkgsrc/mail/qmail/files/README.tls  Mon Nov  2 10:43:55 2020
@@ -7,20 +7,26 @@ It is documented more fully by its autho
 <URL:https://schmonz.com/qmail/tlsonlyremote/>
 
 
-For qmail to opportunistically encrypt outgoing mail, obtain a
-certificate (e.g., from Let's Encrypt) and make it available as
-@SERVERCERT@.
+For qmail to opportunistically encrypt incoming mail, and to require
+encryption before authentication for submitted messages, first obtain a
+certificate (e.g., from Let's Encrypt), make it available as
+@SERVERCERT@, and apply these permissions:
 
 # chmod 640 @SERVERCERT@
 # chown @QMAIL_DAEMON_USER@:@QMAIL_QMAIL_GROUP@ @SERVERCERT@
-# ln -s @SERVERCERT@ @CLIENTCERT@
+
+Generate DH params:
+
 # update_tmprsadh
 
-Once you have a certificate, regularly regenerate DH params from cron(8):
+Have cron(8) regularly regenerate them:
 
     01 01 * * * @PREFIX@/bin/update_tmprsadh > /dev/null 2>&1
 
+Then install the qmail-run package and use its qmailsmtpd and
+qmailofmipd rc.d scripts.
 
-For qmail to opportunistically encrypt incoming mail, and to require
-encryption before authentication for submitted messages, install the
-qmail-run package and use its qmailsmtpd and qmailofmipd rc.d scripts.
+For qmail to opportunistically encrypt outgoing mail, use the same
+certificate:
+
+# ln -s @SERVERCERT@ @CLIENTCERT@

Prev by Date: CVS commit: pkgsrc/mail/qmail-run/files
Next by Date: CVS commit: pkgsrc/mail/qremote
Previous by Thread: CVS commit: pkgsrc/mail/qmail-run/files
Next by Thread: CVS commit: pkgsrc/mail/qremote
Indexes:

Home | Main Index | Thread Index | Old Index