Re: [Exim] tls encryption question

Top Page
Delete this message
Reply to this message
Author: Giuliano Gavazzi
Date:  
To: AsbjørnHøiland Aarrestad, exim-users@exim.org
Subject: Re: [Exim] tls encryption question
At 16:01 +0100 2003/03/09, Asbjørn Høiland Aarrestad wrote:
>hi.
>
>how do I know if my smtp auth connection is encrypted? Can you see it in
>the header? I have compiled and set it up to be encrypted, and I've
>fixed ssl certificate and was asked to accept it. Is it OK then?
>
>regards
>Asbjørn
>


yes, as you can see:

Received: from 217-13-7-8.dd.nextgentel.com ([217.13.7.8] helo=aarrestad.com)
    by aarrestad.com with asmtp (TLSv1:RC4-MD5:128)
                                      ^^^^^^
    (Exim 4.12)
    id 18s2KD-0007Ve-00
    for exim-users@???; Sun, 09 Mar 2003 16:02:53 +0100


You can also enforce (even if this is an after-the-fact measure)
encryption during authorisation by defining an

acl_smtp_auth = acl_check_auth


and then:

acl_check_auth:
     accept encrypted = *
     accept condition = ${if eq{${uc:$smtp_command_argument}}\
                         {CRAM-MD5}{yes}{no}}
     deny   message   = TLS encryption or CRAM-MD5 required


Giuliano
--
H U M P H
    || |||
  software


Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/