[ingo] Sieve over SSL/TLS?
alex@milivojevic.org
alex at milivojevic.org
Fri Jul 8 12:02:47 PDT 2005
Quoting Jan Schneider <jan at horde.org>:
> Zitat von alex at milivojevic.org:
>
>> Quoting Jan Schneider <jan at horde.org>:
>>
>>> Zitat von alex at milivojevic.org:
>>>
>>>> I've just noticed from log files that Ingo connects to timsieved over
>>>> plaintext
>>>> connection. Is it possible to use SSL/TLS before transmitting the
>>>> password?
>>>
>>> SSL might be possible by prefixing the hostname with "ssl:/" (does
>>> timsieved support SSL at all?), but TLS is not possible.
>>
>> I've prefixed it with "ssl:/" (also tried "ssl://"), but it made plaintext
>> connection again. When doing "telnet localhost sieve", timsieved lists the
>> capabilities, and one of them is STARTTLS.
>
> What I meant is that TLS support on Ingo's side is not possible.
So I guess it is not possible then. Don't think timsieved allows for SSL on
connect (like https, imaps, or pop3s), only STARTTLS.
I've had a peek at Net_SIEVE module, and it seems it only parses the
capabilities and sets flag if STARTTLS is present in the list of
capabilities. Not sure if this just reflects future plans to add
support for it in Net_SIEVE,
or if applications using it can issue raw STARTTLS, handle TLS handshake
themself and provide callback functions for read/write (that would
encrypt/decrypt data stream, something like proftpd implements TLS).
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
More information about the ingo
mailing list