[Oberon] SSL tunnel; was SMTP/SSH tunnel

W B Hacker wbh at conducive.org
Sat Mar 31 16:17:26 MEST 2007

Easthope wrote:


> wh> a) Specify which IP to listen on:
> Doesn't the SSL daemon, rather than the 
> MTA, listen on the interface?

Between two equally-SSL-ignorant entities, yes.

But all MTAs in common use have been SSL/TLS 'aware' for *years*.

It is (AFAIK) your Oberon client (only) that needs help from a tunnel.

Or maybe not.... I've never tried to use it for mail.

> wh> See also POP and IMAP use of SSL.
> In Oberon, POP and IMAP are ignorant of SSL.

Speaking only for our half-dozen MTA, which, over time, have included sendmail, 
QMail, Postfix, courier-mta, and Exim:

- we *require* SSL or TLS for authenticating MUA, either smtp-submission or IMAP 
(POP was 'buried with honors' some years ago)

- we offer or request TLS when communicating with peer MTA, but do not insist on 
it, as there are still a few operators who do not offer/request it. Very few.

> If anyone knows of a link to a SSL tunnel 
> Howto it would help.


'...everything I needed to know, I learned in Kindergarten..'

Came originally from there...

In Peter Rabbit English.. stunnel is just a way to provide apps that need 
SSL/TLS capability what they should have had built-in in the first place.

Ergo it is seldom needed at *both* ends, 'coz one end already has the matching 




