On Fri, Feb 09, 2001 at 09:02:15PM +0000, Philip Hazel wrote:
> > > Is this before or after the initial banner is output?
> >
> > Before.
> > This was all meant to work without any help from the daemon itself, you could
> > just slap stunnel or sslwrap around the daemon, and it just worked.
>
> That contradicts what you said. If you just slap stunnel round it, it
> doesn't need to do any SSL negotiation. So what is there that needs
Correct (I was talking of negociation inside of SSL for selecting a cipher)
> doing to Exim? Sorry, I'm still missing something here...
With an SSL wrapper it works just fine as it is.
However an SSL wrapper is an additional process for each connection and exim
is not getting the IP/port from the person who's really connecting to you.
That's why built in support in exim would be better because we could ditch
the SSL wrapper.
Marc
--
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page:
http://marc.merlins.org/ | Finger marc_f@??? for PGP key