Questions and Answers for users of ASSP Anti-Spam SMTP Proxy <[email protected]> schreibt: >Very nice, does this mean ASSP can not act as a way to bring SSL to >email servers that do not support it?
ASSPS (ASSP V2) already supports SSL to non SSL servers: How to Handle STARTTLS Requests 'If set to "drop TLS", any STARTTLS request will be removed from the protocol stack and no connection will ever go in to any TLS mode! If set to "TLS to Proxy" and both peers (client and server) supports TLS, both connection will be moved in to a transparent Proxy mode. All data will be encrypted and unreadable to ASSP. If set to "do TLS", ASSP will be the "man in the middle". ASSP will try to move both connections into TLS. All data will be readable to ASSP - so all checks could be done. If any of the peers does not support TLS, ASSP will fake this to the other peer. So it could be possible, that the connection to the client is going in to TLS mode, even if TLS is not supported by the Server. If a client does not request TLS (STARTTLS) no connection will go into TLS mode. This behavior belongs to incoming and outgoing messages. This option requires the installed perl module <a href="http://search.cpan.org/search?query=IO::Socket::SSL"; rel="external">IO::Socket::SSL</a>!<br /> For "do TLS" a server-certificate-file "certs/server-cert.pem" and a server-key-file "certs/server-key.pem" must exist and must be valid!<br /> If you do not have valid certificates, you may generate both files online with <a href="http://www.mobilefish.com/services/ssl_certificates/ssl_certificates.php"; rel="external">www.mobilefish.com</a> or you may use OpenSSL to generate <a href="http://www.mobilefish.com/developer/openssl/openssl_quickguide_self_certificate.html"; rel="external">Self-signed SSL certificates</a> If you have installed OpenSSL (must be in PATH) and installed and enabled IO::Socket::SSL and ASSP is unable to find valid certificates - ASSP will try to create them at startup! ------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
