masqmail

diff examples/openssl.route @ 223:9814e75de61c

find changesets by author, revision, files, or words in the commit message
updated docs to STARTTLS wrappers
author meillo@marmaro.de
date Fri, 23 Jul 2010 11:18:20 +0200
parents e96a9fee9423
children e230bcd0f1c6
line diff
     1.1 --- a/examples/openssl.route	Fri Jul 23 10:57:53 2010 +0200
     1.2 +++ b/examples/openssl.route	Fri Jul 23 11:18:20 2010 +0200
     1.3 @@ -6,9 +6,15 @@
     1.4  
     1.5  # encryption is done by communicating through openssl
     1.6  
     1.7 -wrapper="/usr/bin/openssl s_client -quiet -connect mail.gmx.net:465 2>/dev/null"
     1.8 -# you may want to tell openssl where the certificates are stored
     1.9 -#wrapper="/usr/bin/openssl s_client -quiet -CApath /etc/ssl -connect mail.gmx.net:465 2>/dev/null"
    1.10 +# Today usually STARTTLS (RFC-3207) is used:
    1.11 +# don't forget the instant_helo, otherwise it won't work, because the wrapper eats the 220 greeting
    1.12 +instant_helo=true
    1.13 +wrapper="/usr/bin/openssl s_client -quiet -starttls smtp -connect mail.gmx.net:25 2>/dev/null"
    1.14 +
    1.15 +# The old way is SMTP over SSL; the IETF had marked it obsolete:
    1.16 +# don't use instant_helo here
    1.17 +#wrapper="/usr/bin/openssl s_client -quiet -connect mail.gmx.net:465 2>/dev/null"
    1.18 +
    1.19  
    1.20  # which addresses are allowed through this route?
    1.21  allowed_return_paths = "*@gmx.de;*@gmx.net"