You are not logged in.
So I have Postfix working great and I've always used webmail if I needed to send email from PC's outside of $mynetworks. So fast forward to today where I got my 1st Android powered mobile phone and I can configure the Android mail client to send/receive IMAP email but my question is do I need to become an open relay to allow my random wireless providers dynamic range of IP's to send mail via Postfix? Seems extremely vulnerable and scary to think I would have to allow my providers IP range to relay mail via my MTA. I started reading a bit and I think I need SASL authentication (correct me please if I'm wrong) and since both Postfix 2.8.1 & Dovecot 2.0.11 are configured / using TLS, is there anything else I would need beyond SASL or that you recommend for sending email from my Android powered mobile?
./
Offline
I'm in the same boat, except that I don't have a smartphone yet - but I'm already outlining the changes to my soho-network.
I guess you have to secure the mailserver (using SSL + TLS looks ok to me) and also secure the server as a whole: configure iptables to lock it down completely, except for as little ports as necessary: IMAPS and SMTPS, maybe even on an other-than-default port...
Maybe you are also interested in syncing your calendar: I will be doing that with davical on my server (running for 2 years now) and acal on my Android smartphone: no syncing, but native caldav between server and smartphone...
The other option would be to install openvpn on your server and always work via your VPN.
Last edited by zenlord (2011-03-24 17:57:54)
Offline
SSL & TLS are the same thing. TLS is just SSLv3+. Also IMAPS is dead and really shouldn't be used. I don't know about SMTPS.
./
Offline
I was using the -S to indicate that you should only open up 1 port for both IMAP and SMTP and close the default non-secured ports. My bad.
Offline