Securing Kolab 16 on Centos 7 howto questions - plus GUAM is broken
kolab.user at use.startmail.com
kolab.user at use.startmail.com
Wed Mar 30 06:05:28 CEST 2016
Any guam developers on this list?
It appears that guam completely ignores chained certificates, e.g. free ones obtained from startssl.com, mentioned in a secure-kolab-server.html HOWTO
Seems like the only way to get around it quickly is to disable listener on 993 and use stunnel from 993 to 143.
Any other ideas?
Could I just remove guam and change imaps from 9993 to 993? What does guam do?
thanks,
Josh.
On Tuesday, February 23, 2016 6:12 PM, Winfried Ritsch <ritsch at algo.mur.at> wrote:
> Hello,
>
> I just set up a Kolab 16 on dedicated Centos 7.0 VM following mostly the
> installation guides and
> it seems to work nicely, thanks for all the effort.
>
> Before I go public I want to secure my setup
>
> and trying to follow the HOWTO
> https://docs.kolab.org/howtos/secure-kolab-server.html[1]
> (this seems to be for kolab 3.4)
> some questions arised what services to secure:
>
> Securing
>
> a) Services which need a dedicated Certificate (for TLS)
> b) Services which use internal certificates (for eg. localhost)
> c) Services using unsecure connections (for speed)
>
> My vote:
> All apache services for a)
> Mail transport postfix for a)
>
> Unkown:
>
> Since now guam is a proxy to cyrus-imapd:
>
> - Should proxy connection between cyrus and/or guam be secured ?
>
> - Securing cyrus managesieve connection ?
>
> - Manticore ?
>
> - any other suggestion ?
>
>
> thanks.
>
> mfG
> Winfried ritsch
>
> --
> -
> Winfried Ritsch - Atelier Algorythmics
> Mobil: ++43-664-2439369
> http://algo.mur.at/ email: ritsch _at_ algo.mur.at
> -
>
> --------
> [1] https://docs.kolab.org/howtos/secure-kolab-server.html
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users
More information about the users
mailing list