Re: [Exim] TLS problems on non-standard port

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMMatt Bernstein at <-
M 
Delete this message
Reply to this message
Author: James P. Roberts
Date:  
To: Matt Bernstein
CC: Juri Tsibrovski, exim-users
Subject: Re: [Exim] TLS problems on non-standard port
> >Another option is to use something like Stunnel on the alternate port,
> >handling the decryption & forwarding to locahost:25. (This will look like
> >SMTPS to clients).
>
> This should IMHO only ever be considered for Exim 3, because it's too easy
> to become an open relay with stunnel :)

Yes. I agree. I had to close the loophole, by requiring authentication
before relay for everyone, including localhost. (Stunnel makes incoming
connections look like they are coming from localhost, instead of the actual
remote host).

I recommend going with the all-Exim method; but IIRC, you'll need Exim 4 to
make that work.

Jim Roberts
Punster Productions, Inc.



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Spam scanning one domain and not anotherRe: [Exim] Exim 3.36 - how are frozen messages deleted->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)