Kent Busbee wrote:
See response below; Aleksander Podsiadly wrote:
W dniu 05.11.2009 20:02, Eric Shubert pisze:
I just came across what I think is a possible hole in spamdyke's
configuration.
I've been reading through the documentation regarding TLS, and it
appears that with no "tls-level" option specified, if a spammer were
to use TLS (advertised by qmail), spamdyke would be unable to use
several of its filters because the data is encrypted passing through
spamdyke to qmail-smtp.
[...]
I don't think so.
From http://www.spamdyke.org/documentation/README.html
,,If |tls-level| is not given, spamdyke will use a value of |smtp|.''
--
Elsewhere on the same page:
"First, with no TLS options given, spamdyke will identify a TLS
conversation and simply pass the data back and forth between qmail and the
remote client."
Can you say Ambiguous?
Thanks, Kent. That's what I read, but didn't notice the other reference.
Since the tls-certificate-file is specified in the QMT configuration, I
expect that "no TLS options given" does not apply. (I think I read this
as meaning "no tls-level option given").
I think that having only the tls-certificate-file option specified, that
tls-level=smtp is in effect whether it's specified or not.
Sam, will you please confirm this? (I think Sam's on this list)
--
-Eric 'shubes'
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com