Re: [Exim] doing SSL (not TLS) on a certain port

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Philip Hazel
Dátum:  
Címzett: Marc MERLIN, Jeffrey C. Ollie
CC: exim-users
Tárgy: Re: [Exim] doing SSL (not TLS) on a certain port
On Fri, 9 Feb 2001, Marc MERLIN wrote:

> Yep. It doesn't need to ask because you connected to the SSL port so you
> want to be doing SSL.
> It really works just like imap/ssl, the whole connection is wrapped with an
> SSL layer.
>
> > Is this before or after the initial banner is output?
>
> Before.
> This was all meant to work without any help from the daemon itself, you could
> just slap stunnel or sslwrap around the daemon, and it just worked.


That contradicts what you said. If you just slap stunnel round it, it
doesn't need to do any SSL negotiation. So what is there that needs
doing to Exim? Sorry, I'm still missing something here...

> While adding this doesn't break anything, it doesn't seem to be a standard,
> and I would respect your decision not to support it.


Oh good, because I don't want to support what I think this is.

On Fri, 9 Feb 2001, Jeffrey C. Ollie wrote:

> Actually, if there was just some way to invoke exim and tell it that
> it should consider the connection as SSL/TLS encrypted that would work
> too. That way you could use stunnel/sslwrap without adding a lot
> cruft to exim.


I don't understand. If you are wrapping with stunnel, what does Exim
need to do differently? What does it have to do differently when it
"considers the connection as encrypted"?

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.