[107594] in North American Network Operators' Group
Re: ingress SMTP
daemon@ATHENA.MIT.EDU (matthew@sorbs.net)
Sun Sep 7 18:28:04 2008
Date: Mon, 08 Sep 2008 08:27:52 +1000
From: matthew@sorbs.net
To: Michael Thomas <mike@mtcc.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
----- Original Message -----
From: Michael Thomas <mike@mtcc.com>
Date: Monday, September 8, 2008 7:31 am
Subject: Re: ingress SMTP
>
> Would that it were so easy :) You also have the more daunting task
> of hooking up your auth/aaa infrastructure with your MTA's, and all
> of the care and feeding that entails.
As a matter of interest, it took but a couple of person hours to sort
this out at my last place of work, the largest time chunk in equation
was the compiling of TLS and the various SASL modules into Postfix. The
second from largest chunk of time was to get the script to get the
information required from the various other back end mail servers on
campus, including, but not limited to, Lotus Notes, M$ Exchange, and
Sun/iPlanet messaging server and it's LDAP server. The only down side
to the system was password changed took up to 15 minutes to get to the
mail systems as there was no direct connection between the external
gateways and the internal auth systems.
Of course the above doesn't take into account the several weeks of
political badgering and grandstanding that we endured to get the
faculties to actually accept that that was the way it was going to be.
They couldn't stand that there would only be incoming and outgoing mail
via the central gateway. Such is life at Universities.
Regards,
M
