Re: [Exim] TLS problems on non-standard port

Top Page
Delete this message
Reply to this message
Author: James P. Roberts
Date:  
To: Matt Bernstein
CC: Juri Tsibrovski, exim-users
Subject: Re: [Exim] TLS problems on non-standard port
> >Another option is to use something like Stunnel on the alternate port,
> >handling the decryption & forwarding to locahost:25. (This will look like
> >SMTPS to clients).
>
> This should IMHO only ever be considered for Exim 3, because it's too easy
> to become an open relay with stunnel :)


Yes. I agree. I had to close the loophole, by requiring authentication
before relay for everyone, including localhost. (Stunnel makes incoming
connections look like they are coming from localhost, instead of the actual
remote host).

I recommend going with the all-Exim method; but IIRC, you'll need Exim 4 to
make that work.

Jim Roberts
Punster Productions, Inc.