Re: [Exim] doing SSL (not TLS) on a certain port

Top Page
Delete this message
Reply to this message
Author: Marc MERLIN
Date:  
To: Philip Hazel
CC: Jeffrey C. Ollie, exim-users
Subject: Re: [Exim] doing SSL (not TLS) on a certain port
On Fri, Feb 09, 2001 at 09:02:15PM +0000, Philip Hazel wrote:
> > > Is this before or after the initial banner is output?
> >
> > Before.
> > This was all meant to work without any help from the daemon itself, you could
> > just slap stunnel or sslwrap around the daemon, and it just worked.
>
> That contradicts what you said. If you just slap stunnel round it, it
> doesn't need to do any SSL negotiation. So what is there that needs


Correct (I was talking of negociation inside of SSL for selecting a cipher)

> doing to Exim? Sorry, I'm still missing something here...


With an SSL wrapper it works just fine as it is.

However an SSL wrapper is an additional process for each connection and exim
is not getting the IP/port from the person who's really connecting to you.
That's why built in support in exim would be better because we could ditch
the SSL wrapper.

Marc
-- 
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking


Home page: http://marc.merlins.org/ | Finger marc_f@??? for PGP key