Re: [Exim] doing SSL (not TLS) on a certain port

Author: Philip Hazel
Date:  
To: Marc MERLIN
CC: exim-users
Subject: Re: [Exim] doing SSL (not TLS) on a certain port
On Tue, 6 Feb 2001, Marc MERLIN wrote:

> I still need to use stunnel for listening on the ssmtp port (465/tcp) and
> forward connections to exim after doing SSL for it.
> Would it be possible to have a ssl_listen_on directive which adds a port
> exim needs to listen on, but in SSL mode (i.e. no TLS negotiation).


I don't understand how you can listen in SSL mode without TLS
negotiation. How does it know what the cipher or the key is? Or do you
mean without the STARTTLS command? The client just fires up an SSL
session without asking? Is this before or after the initial banner is
output? No doubt there is no document that specifies how this is
supposed to work.

> Yes, this is used by some clients, Netscape 3 and Outlook (I'm told)


I'm not keen on adding standard-breaking code for old clients.
Netscape 3 has been obsolete for quite some time, hasn't it?

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.