masqmail
diff examples/openssl.route @ 223:9814e75de61c
updated docs to STARTTLS wrappers
author | meillo@marmaro.de |
---|---|
date | Fri, 23 Jul 2010 11:18:20 +0200 |
parents | e96a9fee9423 |
children | e230bcd0f1c6 |
line diff
1.1 --- a/examples/openssl.route Fri Jul 23 10:57:53 2010 +0200 1.2 +++ b/examples/openssl.route Fri Jul 23 11:18:20 2010 +0200 1.3 @@ -6,9 +6,15 @@ 1.4 1.5 # encryption is done by communicating through openssl 1.6 1.7 -wrapper="/usr/bin/openssl s_client -quiet -connect mail.gmx.net:465 2>/dev/null" 1.8 -# you may want to tell openssl where the certificates are stored 1.9 -#wrapper="/usr/bin/openssl s_client -quiet -CApath /etc/ssl -connect mail.gmx.net:465 2>/dev/null" 1.10 +# Today usually STARTTLS (RFC-3207) is used: 1.11 +# don't forget the instant_helo, otherwise it won't work, because the wrapper eats the 220 greeting 1.12 +instant_helo=true 1.13 +wrapper="/usr/bin/openssl s_client -quiet -starttls smtp -connect mail.gmx.net:25 2>/dev/null" 1.14 + 1.15 +# The old way is SMTP over SSL; the IETF had marked it obsolete: 1.16 +# don't use instant_helo here 1.17 +#wrapper="/usr/bin/openssl s_client -quiet -connect mail.gmx.net:465 2>/dev/null" 1.18 + 1.19 1.20 # which addresses are allowed through this route? 1.21 allowed_return_paths = "*@gmx.de;*@gmx.net"