> No, > a) if you specify "required" the internal servers will also > need to execute STARTTLS > b) if you specify "enabled" the external servers can relay > without doing STARTTLS
No, If you specify "enabled" then a server is able to run STARTTLS. Relay check can only be done after the RCPT TO and not after the STARTTLS so you only need to know where STARTTLS has been sent or not but you need to do that in the RCPT TO call. > This is not what I want. Internal servers can always relay > and external servers must use STARTTLS. > Of course if the "authorizedAddresses", has priority over > this setting, we are home free. This is possible if you know the current STARTTLS/AUTH status when you receive the RCPT TO. > > The check to see wether the relay is supported or not > because of AUTH or > > STARTTLS will be done after the first RCPT so the > "extension point" is the > > RCPT and not the STARTTLS. > > Agreed, we just need to capture the state information > (preferably in a > stateobject as opposed to the current Hashmap) > > --Søren So, by now, we don't need STARTTLS as an extension point. We should support STARTTLS and the enabled|required|disabled values, then we need to have the SMTP status object updated when we handle the RCPT TO / MAIL FROM commands. Stefano --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
