Securing Postfix – two questions lead the way to Trusted Catalysts

by | Aug 26, 2006 | Ideas & Insights

Adam and I (mostly Adam) are working to get postfix configured to run virtual domains in a secure configuration. Along the way, we have come across two challenges and would appreciate some ideas, feedback or insights (links, experience, whatever):

1. Is there any way to setup postfix + sasl to use both CRAM-MD5 and mysql encrypted passwords for secure smtp authentication over TLS? Or is this type of security redundant and unnecessary?

2. Is there a way to set postfix + mysql running virtual mail domains and users so that the users may change their own passwords?

Ideas? Suggestions? Leave a comment or send a note to mi*************@se**************.com