Thanks for your help.
Here is how I run my POP relay:
dg7_3_1 -v -P110 FCL="sslway -st -Vrfy -CAfile=d:\Cacert.pem"
I have now a POP relay with SSL connection between client and proxy, but the
client does not show its certificate. Am I doing something wrong? Or is it a
limit of well-spread tools that are Outlook Express and Netscape Messenger
which do not allow to present a certificate to connect to a server?
----- Original Message -----
From: "Yutaka Sato" <email@example.com>
Sent: Monday, May 21, 2001 9:40 AM
Subject: Re: [DeleGate-En] POP/SSL Relay
> On 05/16/01(19:44) you "Maxime Dubois" <firstname.lastname@example.org> wrote
> in <_A1154@delegate-en.ML_>
> |How can I make DeleGate acting as a POP relay with communication between
client and Proxy encrypted (SSL)?
> |And the same for STMP?
> See <URL:http://www.delegate.org/delegate/ssl/> about how to use SSL
> with DeleGate, using "SSLway" filter program, just like "FCL=sslway".
> If your client program requires explicit negotiation about SSL usage, by
> "STARTTLS" (RFC2487,2595) command, add "-st" option like "FCL=sslway -st".
> |Could it be possible to previously authenticate the client on the proxy
by asking him to present a certificate on https and only allow him to use
pop and smtp relays if authenticated?
> Yes. Use "-Vrfy" and "-CApath" options of "SSLway". See documents
> of openSSL or SSLeay about how to configure "-CApath".
> @ @ Yutaka Sato <email@example.com> http://www.delegate.org/y.sato/
> ( - ) National Institute of Advanced Industrial Science and Technology
> _< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan