Article delegate-en/1167 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A1164@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: POP/SSL Relay
21 May 2001 10:14:57 GMT "Maxime Dubois" <pqicabdyi-bkxfmxn6qzxr.ml@ml.delegate.org>


Hi Yutaka,

Thanks for your help.

Here is how I run my POP relay:
dg7_3_1 -v -P110 FCL="sslway -st -Vrfy -CAfile=d:\Cacert.pem"
SERVER=pop://pop.server.domain ADMIN=email@company..

I have now a POP relay with SSL connection between client and proxy, but the
client does not show its certificate. Am I doing something wrong? Or is it a
limit of well-spread tools that are Outlook Express and Netscape Messenger
which do not allow to present a certificate to connect to a server?

Regards

Maxime


----- Original Message -----
From: "Yutaka Sato" <feedback@delegate.org>
To: <feedback@delegate.org>
Cc: <pqicabdyi-bkxfmxn6qzxr.ml@ml.delegate.org>
Sent: Monday, May 21, 2001 9:40 AM
Subject: Re: [DeleGate-En] POP/SSL Relay


> Hi,
>
> On 05/16/01(19:44) you "Maxime Dubois" <pqicabdyi-bkxfmxn6qzxr.ml@ml.delegate.org> wrote
> in <_A1154@delegate-en.ML_>
>  |How can I make DeleGate acting as a POP relay with communication between
client and Proxy encrypted (SSL)?
>  |And the same for STMP?
>
> See <URL:http://www.delegate.org/delegate/ssl/> about how to use SSL
> with DeleGate, using "SSLway" filter program, just like "FCL=sslway".
> If your client program requires explicit negotiation about SSL usage, by
> "STARTTLS" (RFC2487,2595) command, add "-st" option like "FCL=sslway -st".
>
>  |Could it be possible to previously authenticate the client on the proxy
by asking him to present a certificate on https and only allow him to use
pop and smtp relays if authenticated?
>
> Yes.  Use "-Vrfy" and "-CApath" options of "SSLway".  See documents
> of openSSL or SSLeay about how to configure "-CApath".
>
> Cheers,
> Yutaka
> --
>   @ @ Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
>  ( - ) National Institute of Advanced Industrial Science and Technology
(AIST)
> _<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan


  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V