[Freeipa-users] Instructions for using Postfix SMTP Client Relay with FreeIPA
Anthony Messina
amessina at messinet.com
Fri Jul 12 15:04:44 UTC 2013
On Wednesday, July 10, 2013 05:00:53 PM Dmitri Pal wrote:
> On 07/10/2013 12:12 PM, Simo Sorce wrote:
> > On Wed, 2013-07-10 at 11:45 -0400, Erinn Looney-Triggs wrote:
> >> Folks,
> >> I swear I am not trying to drive up traffic to my very small blog, but I
> >> wrote up some instruction for how to configure the postfix mail client
> >> to use Kerberos to relay through a Postfix gateway.
> >>
> >> Instructions are here for folks that are interested:
> >> https://stomp.colorado.edu/blog/blog/2013/07/09/on-freeipa-postfix-and-a-> >> relaying-smtp-client/
> >>
> >> Hopefully it is useful to some people in the future, for me it took the
> >> help of some users on the Postfix list, a lot of it was not clear.
Erinn, this is excellent! I've been looking for just this idea! Thanks.
> I think it is worth mentioning that starting Fedora 19 the step to
> configure cron to fetch tickets is not needed. GSS proxy can be
> configured instead to automatically acquire tickets on client's behalf.
> https://fedorahosted.org/gss-proxy/
>
> It generally applies to any unattended client that uses keytab to
> authenticate it being messaging client, DB client, LDAP client or
> anything else. You name it...
>
> Thanks for the blog!
>
>
> --
> Thank you,
> Dmitri Pal
Dmitri, thanks for the info on gssproxy. I am using gssproxy for NFS in F19,
but have not begun using it for other services such as an smtp client, though
this is exactly what I'd be looking for. Do you think you'd be able to show
us what the gssproxy.conf file might look like for Postfix's smtp service?
How would one store the keytab in /var/lib/gssapi/clients? As far as I can
tell, the keytabs stored there are listed as <uidnumber>.keytab, so I imagine
this would be stored as the postfix user's uidnumber.
Thanks again. -A
--
Anthony - http://messinet.com - http://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20130712/3b07050b/attachment.sig>
More information about the Freeipa-users
mailing list