RE: SMTP Filter and STARTTLS (SSL)

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 1 May 2002 14:49:12 -0700

Good question; I think you've just added to my "gotta find the answer" list.
It's really frustrating trying to find all the "unregistered" extensions to
the SMTP command list...

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
----- Original Message -----
From: "Deus, Attonbitus" <Thor@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, May 01, 2002 2:41 PM
Subject: [isalist] RE: SMTP Filter and STARTTLS (SSL)


http://www.ISAserver.org



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 02:28 PM 5/1/2002, you wrote:
>http://www.ISAserver.org
>
>
>Did I miss something?
>TLS (SMTP-SSL) doesn't have anything to do with SMTP-AUTH?
>AUTH is a user-authentication, while TLS is a data-obfuscation through
>encryption.
>
>BTW Tim, I liked your "selective SecureNAT" idea.  Maybe you should join
the
>ISA-author ranks?


So what is the deal?  Let's start from the top... When publishing SMTP
through ISA, and when the SMTP Filter is disabled, SMTP and SMTPS work just
fine.
The STARTTLS SMTP command is not part of the default SMTP commands that the
filter lets through, so you have to add it.  I gave it 100 bytes.

Now, when the filter is active and you got to negotiate a SSL Session, the
server accepts the STARTTLS command, but nothing after that.  It just sits
there.  Nothing in the logs, BTW.
So, the question is, how do I keep the SMTP Filter active and still be able
to submit SMTPS??

- ---

I'm glad you like the selective SNAT deal- it is really working out
well.  Maybe I *should* consider writing something!

T


-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPNBg/4hsmyD15h5gEQKk6QCg7txBElc/dK24FnvwJpJk0EE2vm0AoLXK
ceQI/F9P1J5R2KLhtHfCsyxI
=JXW5
-----END PGP SIGNATURE-----


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » SMTP Filter and STARTTLS (SSL)
• » RE: SMTP Filter and STARTTLS (SSL)
• » RE: SMTP Filter and STARTTLS (SSL)
• » RE: SMTP Filter and STARTTLS (SSL)
• » RE: SMTP Filter and STARTTLS (SSL)
• » RE: SMTP Filter and STARTTLS (SSL)
• » RE: SMTP Filter and STARTTLS (SSL)

1. Home
2. isalist
3. Archive
4. 05-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---