[stunnel-users] SMTP & TLS
Eric B.
ebenze at hotmail.com
Fri Oct 27 23:32:19 CEST 2006
Hi,
I've been looking over using stunnel to secure SMTP connections, but am a
little confused about how the protocol works. From what I've read, the
STARTTLS command is used to allow a client/server to upgrade a connection
from plaintext to SSL secured. Further to that, from what I understand, the
concept is to allow/use a single port to initiate all connections - ex: port
25.
From what I can tell from stunnel however, is that once stunnel issues the
STARTTLS command, if the client doesn't respond in kind, then the connection
is terminated. I've tried reading the RFC, but can't seem to find what
happens in the case where the client rejects or does not respond to the
STARTTLS command. Logically, I would expect the SMTP connection to
continue normally in plaintext. Apparently, this is not how stunnel works.
Can someone please help fill in the blanks for me please? What is supposed
to happen if the client refuses the STARTTLS request from the server? If
the connection is supposed to die, why bother with the STARTTLS request at
all, and not just impose the SSL encrypted tunnel from the very beginning
(as per the old SSMTP specs)?
Thanks,
Eric
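
The two server-side policies that RFC 3207 allows for a client that never sends STARTTLS, as an added example that is not part of the original post and not stunnel's code. It is a model with no sockets or real TLS; the function name, host names and sample sessions are constructed, while the 530 reply text and the list of commands exempt from it come from RFC 3207.

```python
# Added illustration: server-side STARTTLS policy as described in RFC 3207.
# The TLS handshake is represented by a flag; nothing is sent on the network.

# Commands RFC 3207 lets a TLS-requiring server accept before TLS is active.
EXEMPT = {"NOOP", "EHLO", "STARTTLS", "QUIT"}

def server_replies(client_commands, require_tls):
    """Return the modelled server's reply to each client command (hypothetical helper)."""
    tls_active = False
    replies = []
    for line in client_commands:
        parts = line.split()
        verb = parts[0].upper() if parts else ""
        if verb == "EHLO":
            # STARTTLS is only advertised while the session is still plaintext.
            reply = "250 mail.example" if tls_active else "250-mail.example\n250 STARTTLS"
        elif verb == "STARTTLS":
            if tls_active:
                reply = "503 Bad sequence of commands"
            else:
                tls_active = True  # a real server performs the TLS handshake here
                reply = "220 Ready to start TLS"
        elif verb == "NOOP":
            reply = "250 OK"
        elif verb == "QUIT":
            replies.append("221 Bye")
            break
        elif require_tls and not tls_active:
            # Mandatory policy: refuse everything outside EXEMPT until TLS is up.
            reply = "530 Must issue a STARTTLS command first"
        elif verb in {"MAIL", "RCPT"}:
            # Opportunistic policy, or TLS already negotiated: carry on.
            reply = "250 OK"
        else:
            reply = "502 Command not implemented"  # outside this model
        replies.append(reply)
    return replies

# Constructed sample sessions.
PLAINTEXT_CLIENT = ["EHLO client.example", "MAIL FROM:<a@client.example>",
                    "RCPT TO:<b@mail.example>", "QUIT"]
TLS_CLIENT = ["EHLO client.example", "STARTTLS", "EHLO client.example",
              "MAIL FROM:<a@client.example>", "QUIT"]

if __name__ == "__main__":
    for policy in (False, True):
        print("require_tls =", policy, server_replies(PLAINTEXT_CLIENT, policy))
```

With `require_tls=False` the plaintext client's mail commands are accepted; with `require_tls=True` the same client gets 530 replies until it either issues STARTTLS or quits.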