masqmail-0.2

changeset 172:ed96d7054b9b

updated masqmail.route(5) to STARTLS wrappers
author meillo@marmaro.de
date Fri, 23 Jul 2010 09:57:03 +0200
parents 349518b940db
children a2bec9a14324
files man/masqmail.route.5
diffstat 1 files changed, 18 insertions(+), 9 deletions(-) [+]
line diff
     1.1 --- a/man/masqmail.route.5	Thu Jul 22 23:30:05 2010 +0200
     1.2 +++ b/man/masqmail.route.5	Fri Jul 23 09:57:03 2010 +0200
     1.3 @@ -188,8 +188,9 @@
     1.4  the local parts (the keys) are separated from the addresses (the values) by colons (`:').
     1.5  
     1.6  Example:
     1.7 -
     1.8 +.nf
     1.9  map_h_from_addresses = "john: John Smith <jsmith@mail.academic.edu>; charlie: Charlie Miller <cmiller@mx.commercial.com>"
    1.10 +.fi
    1.11  
    1.12  You can use patterns, eg. * as keys.
    1.13  
    1.14 @@ -214,8 +215,9 @@
    1.15  The most important difference is that RFC 821 addresses have no full name.
    1.16  
    1.17  Example:
    1.18 -
    1.19 +.nf
    1.20  map_return_path_addresses = "john: <jsmith@mail.academic.edu>; charlie: <cmiller@mx.commercial.com>"
    1.21 +.fi
    1.22  
    1.23  You can use patterns, eg. * as keys.
    1.24  
    1.25 @@ -282,17 +284,24 @@
    1.26  \fIcommand\fR will be called and all traffic will be piped to its stdin and from its stdout.
    1.27  Purpose is to tunnel ip traffic, eg. for ssl.
    1.28  
    1.29 -Example for ssl tunneling:
    1.30 +Example for SMTP over SSL tunneling:
    1.31 +.nf
    1.32 +wrapper="/usr/bin/openssl s_client \-quiet \-connect mail.gmx.net:465 2>/dev/null"
    1.33 +.fi
    1.34  
    1.35 -wrapper="/usr/bin/openssl s_client \-quiet \-connect mail.gmx.net:465 2>/dev/null"
    1.36 +SMTP over SSL is supported since masqmail-0.1.8.
    1.37 +It is now deprecated by the IETF but still in use.
    1.38  
    1.39 -Note: The above line works with masqmail,
    1.40 -but listening on Port 465 for SSL-encrypted connections is deprecated.
    1.41 -The modern way is STARTTLS (RFC-3207).
    1.42 -This could be covered by the following command.
    1.43 -Unfortunately, masqmail doesn't support that yet (as of 0.2.25).
    1.44  
    1.45 +Example for encryption with STARTTLS (RFC-3207):
    1.46 +.nf
    1.47 +# don't forget the instant_helo, otherwise it won't work
    1.48 +instant_helo=true
    1.49  wrapper="/usr/bin/openssl s_client \-quiet \-starttls smtp \-connect mail.gmx.net:25 2>/dev/null"
    1.50 +.fi
    1.51 +
    1.52 +This is supported since masqmail-0.2.28.
    1.53 +STARTTLS supersedes SMTP over SSL.
    1.54  
    1.55  Note for openssl:
    1.56  Ensure that stderr is redirected.