[Exim] Exim/SSL

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: exim-users
Subject: [Exim] Exim/SSL
I had an idle pub based chat last week regarding SMTP over SSL and
integration with exim.

In theory link exim against openssl is pretty easy, but opens up
various cans of worms:-

Incoming SMTP
- controlling allowed ciphers etc

  - interaction with SMTP auth (people might want to only allow
    SMTP-auth on SSL connection)


- Use of X509 Certs for relay/identification

  - listening on 2 ports (smtp & smtp/ssl), also STARTTLS from
    within standard SMTP


Outgoing SMTP
- SMTP/SSL by default, optional, using ESMTP capabilities etc

- Behaviour and use of X509 certs etc


Its an interesting can of worms, and I'd be interested in pointers to
general MTA implementation with SSL support, and similar relevant
stuff, as well as list opinions. I do think there is some things that
can be handled in SMTP/SSL that are worth doing (as opposed to relying
on stunnel etc).

    Nigel.


-- 
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham                  Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]