Date: Fri, 21 Jan 2000 13:00:55 +0200 From: Neil Blakey-Milner <nbm@mithrandr.moria.org> To: Khetan Gajjar <khetan@freebsd.os.org.za> Cc: =?iso-8859-1?Q?Josu=E9_Jos=E9_Souza_Jr=2E?= <josue@nexos.com.br>, freebsd-isp@FreeBSD.ORG Subject: Re: SMTP/SSL Message-ID: <20000121130055.D77623@mithrandr.moria.org> In-Reply-To: <Pine.BSF.4.21.0001210042010.44684-100000@bofh.ops.uunet.co.za> References: <Pine.BSF.4.05.10001190910030.37845-100000@genipabu.nexos.com.br> <Pine.BSF.4.21.0001210042010.44684-100000@bofh.ops.uunet.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri 2000-01-21 (00:44), Khetan Gajjar wrote: > JJSJ> My question is if there is a way to configure sendmail to support SSL or > JJSJ> if stunnel can detect clients intention to use or not SSL and then act > JJSJ> just passing the message foward to sendmail (client not using SSL) or do > JJSJ> it's regular job adding SSL before passing it to sendmail. > > Using stunnel is relatively dangerous for forwarding SMTP > transactions. The problem is that stunnel will report to > sendmail that there is a connection from localhost (not a > biggie because you should be recording stunnel output), > and will therefore apply anti-spam/UCE/relay rules as if > the mail sender was on the machine (which usually means > allow everything/anywhere). Oh, before I forget, if you're using qmail, this isn't a problem - just use tcpserver (or tcp-env in inetd) as usual and it'll deal with getting the connection information for you. In some ways, I wish more software worked like this. Neil -- Neil Blakey-Milner nbm@rucus.ru.ac.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000121130055.D77623>