-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>>>>> "Steven" == Steven M Bellovin <smb@cs.columbia.edu> writes:
    >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
    >> 
    >> 
    >> Is there a reason why postfix is not built with TLS support in
    >> the stock tree?
    >> 
    >> Unless I'm reading /usr/src/gnu/usr.sbin/postfix/Makefile.inc
    >> wrong, there is there no: -DUSE_TLS there.
    >> 

    Steven> I didn't think 3.0 had a new-enough version of Postfix for
    Steven> that.  If I'm wrong, please let me know; I'm using stunnel
    Steven> to work around it.

  I have run TLS with postfix 2.1 before.
  Maybe there is some other issue.

  I just built pkgsrc postfix 2.2 with 
    PKG_OPTIONS.postfix=     tls

  I had to add:

tlsmgr    unix  -       -       n       1000?   1       tlsmgr

  to /etc/postfix/master.cf

  I did have to mv /usr/libexec/postfix -> /usr/pkg/libexec/postfix, and
this confused me. 

- -- 
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr@xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

    "The Microsoft _Get the Facts CD_ does not work on Linux." - orospakr

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBRJA3koCLcPvd0N1lAQKZ5AgAoscHbG8XxnVGUBmlA0EN+v1al1vEG07f
OdcbO/OzeBhRoWftAL2jk0WFO2GDfm7Wm4g5aEDTnB6vgMUgEWmArqFu86WxBkww
/b+ogmkB10q0MRCiqnJ0E9SA/asw/pC7f+vTNZEW7m93PXsIsY+2Cus5Svf6hOTM
NeYPOP6bz6Ye6vRr5tBFftUg+gHZwCxk99woVCnKGcvkJSrnj1ZrzZY6GUiiU6EH
CKKQQqjmymkDnwuaNb/YI+fMo+FQKVjTw0jC6Nu92zd1vBEky4xZKEjwAHWH61xJ
S4zF/HI+m6Vsz5RSaLRm0nOQUvJWx2jYSt5NZD8Glnc6o1d8eOGW7w==
=zO1V
-----END PGP SIGNATURE-----