Re: TLS & SSL


[ Follow Ups ] [ Post Followup ] [ Signature.net Forum ]

Posted by jim guerber on April 11, 2014 at 10:24:49:

In Reply to: TLS & SSL posted by Robert G Laurin on April 11, 2014 at 07:52:19:

I can't help you with IMAP. I have never investigated that interface.

Perhaps the following snippet of code from emailptr will help you, but maybe not. Keep in mind that emailptr deals with the SMTP specs.


If (CanAuth = true and TLSSecurityEnabled EQ TRUE)
cmd$ = "STARTTLS"
gosub SEND
gosub RECV
IF SUB(RESULT$,1,3) NE "220" THEN ! Check result string
GOTO ABORT
ENDIF
! Enable SLL and (automatically) re-negotiate connection
CMD$ = "SSL-ENABLE" ! Set command string
GOSUB CONTROL ! Go to control subroutine
if HasLog = TRUE print(log)"SSL Enabled for TLS re-negotiation"
cmd$ = "EHLO signature.net"
gosub SEND
gosub RECV
EndIf


CanAuth means that the server is able to do TLS.
TLSSecurityEnabled means that there is a TLS=true in the email.ini file.

SSLRelay uses openssl version 0.9.5a dated 1 Apr 2000. I believe it is so old as to be immune to the heartbleed exploit. At this point I would rather discontinue support for this product than do more work on it. Do you know of a substitute? If so, lets encourage all users to migrate to it.



Follow Ups:



Post a Followup

Name:
E-Mail:

Subject:

What is the name of the main Signature System's Product?  

Comments:

Optional Link URL:
Link Title:
Optional Image URL:

You may attach up to 5 files to your followup (see below):





Each file can be a maximum of 1MB in length Uploaded files will be purged from the server on a regular basis.


[ Follow Ups ] [ Post Followup ] [ Signature.net Forum ]