Bug 195662
| Summary: | mail/postfix-sasl-tls: Create Postfix port with SASL and TLS) support (Or enable SASL by default in mail/postfix) | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Hans Fredrik Nordhaug <hans> |
| Component: | Individual Port(s) | Assignee: | Olli Hauer <ohauer> |
| Status: | Closed FIXED | ||
| Severity: | Affects Many People | CC: | alexandre, delphij, meyer.sydney, ohauer |
| Priority: | --- | Keywords: | feature, needs-patch |
| Version: | Latest | Flags: | koobs:
maintainer-feedback?
(ohauer) |
| Hardware: | Any | ||
| OS: | Any | ||
|
Description
Hans Fredrik Nordhaug
2014-12-04 00:20:07 UTC
Over to maintainer of mail/postfix. I think the postfix ports should have TLS enabled by default. More and more servers are expecting meanwhile TLS support and bigger ISP's having TLS only on the roadmap. If build with TLS but TLS is not used / configured in postfix main.cf / master.cf there is no impact since postfix has sane default values. $ postconf -d | grep use_tls lmtp_use_tls = no postscreen_use_tls = $smtpd_use_tls smtp_use_tls = no smtpd_use_tls = no tlsproxy_use_tls = $smtpd_use_tls So changing mail/postfix ports having TLS enabled by default and deprecating postfix-tls would be the best option (after Orwell and Snowden) even it doesn't protect the mail content on the next mail node (relay, final recipient, ...) +1. Take it, @Xin Li Was the +1 for a child port or switching on TLS by default? (In reply to Olli Hauer from comment #4) I think either way would work but ideally it would be the main port unless there is good reason not to do so. postfix ports appear to have TLS enabled by default now, but not SASL. The original scope of this request was for the creation of a sasl and tls enabled (slave?) port. I imagine this request would be satisfied if SASL was enabled by default, so I've modified the summary to include that option. What's needed to progress and close this issue? After doing some tests and study the postfix history I notice postfix has build in support for Dovecot SASL and if build direct from source (clean env.) Dovecot SASL is enabled by default. At the moment I'm rewriting the postfix ports so Dovecot SASL will be always supported, Cyrus will be additional/optional. Additional I'm planing to make postfix-current the new default postfix in the next weeks, some features will maybe be lost since there are no new patches for postfix 3.x e.g. VDA and native SPF so I assume those projects are no longer active. (In reply to Olli Hauer from comment #7) Hi Olli, I'm also interrested by having Dovecot SASL supported by Postfix. When do you think you will be able to release the new package with this ? Thank you ! Hi, I will commit this evening a change to the postfix ports. Additional I'm planning to `svn cp postfix -> postfix211'. On the weekend postfix-3.0.4 will become the new default postfix release, and I hope until then a patch to pkg was committed (PR 207492). Without the pkg patch some of my systems had a broken postfix because som binaries where not replaced with the new one. A commit references this bug: Author: ohauer Date: Thu Feb 25 20:09:57 UTC 2016 New revision: 409551 URL: https://svnweb.freebsd.org/changeset/ports/409551 Log: - rework SASL OPTIONS Dovecot SASL does not need any dependency, from now it will be always build into postfix and the default SASL unless Cyrus is also added (there is no conflict between them) - add support for FreeBSD 10.3 mailwrapper (install mailer.conf into LOCALBASE/mail instead /etc/mail) - add better reload support to rc script - display correct path in pkg-message - add support for postfix-sasl slave port - bump PORTREVISION Many Thanks to all testers! PR: 195662 PR: 205162 Changes: head/mail/postfix/Makefile head/mail/postfix/files/pkg-install.in head/mail/postfix/files/pkg-message.in head/mail/postfix/files/postfix.in head/mail/postfix/pkg-help A commit references this bug: Author: ohauer Date: Thu Feb 25 20:26:09 UTC 2016 New revision: 409556 URL: https://svnweb.freebsd.org/changeset/ports/409556 Log: - update to 3.0.4 - rework SASL OPTIONS Dovecot SASL does not need any dependency, from now it will be always build into postfix - EAI is now mandantory, else mails can be lost - add support for FreeBSD 10.3 mailwrapper (install mailer.conf into LOCALBASE/mail instead /etc/mail) - add better reload support to rc script - display correct path in pkg-message - add support for postfix-sasl slave port - remove nativ SPF support, patch is no longer maintained and there are alternatives in the ports tree - remove VDA support (seems VDA project is dead and unmaintaned) Many Thanks to all testers! PR: 195662 PR: 205162 Changes: head/mail/postfix-current/Makefile head/mail/postfix-current/distinfo head/mail/postfix-current/files/pkg-install.in head/mail/postfix-current/files/pkg-message.in head/mail/postfix-current/files/postfix.in head/mail/postfix-current/pkg-help A commit references this bug: Author: ohauer Date: Thu Feb 25 20:33:43 UTC 2016 New revision: 409557 URL: https://svnweb.freebsd.org/changeset/ports/409557 Log: - add postfix SASL slave port to the tree Requested by many PR: 195662 PR: 205162 Changes: head/mail/Makefile head/mail/postfix-current-sasl/ head/mail/postfix-current-sasl/Makefile head/mail/postfix-sasl/ head/mail/postfix-sasl/Makefile Hope I haven't overlooked something! Thanks for your patience! That was quick, many thanks for your work ! |
