On 16.10.2013 17:45, Michal Trojnara wrote:
On 10/16/2013 05:07 PM, Ben Stover wrote:
Sorry, I went to the webpage with the link you mentioned. There I searched for STARTTLS but NO (!) occurence was found. This is because STARTTLS is not a separate protocol, but rather an option (usually an extension) of various protocols that can negotiate SSL/TLS encryption.
After reading this and the archived listmail, I'm under the impression that you're confirming my gut reaction of "stunnel doesn't do that, and won't anytime soon". :-} In that case: The standard tool to provide STARTTLS functionality for manual testing is to use OpenSSL's s_client command. It would need to be started anew for every connection, though, and you might need to change the actual client's behavior (in particular, s_client needs to do the HELO/EHLO for you, and any line starting with an *uppercase* 'R' or 'Q' will make s_client do something undesirable instead of the intended effect). It *might* be easier to install a second(?), natively STARTTLS-capable MTA on your client machine, point it to the real server as its relay, making it listen on a nonstandard port, and have your not-STARTTLS-capable client talk to *that* instead. Will introduce all sorts of locally generated headers into the e-mails, though. Kind regards, J. Bern -- *NEU* - NEC IT-Infrastruktur-Produkte im <http://www.linworks-shop.de/>: Server--Storage--Virtualisierung--Management SW--Passion for Performance Jochen Bern, Systemingenieur --- LINworks GmbH <http://www.LINworks.de/> Postfach 100121, 64201 Darmstadt | Robert-Koch-Str. 9, 64331 Weiterstadt PGP (1024D/4096g) FP = D18B 41B1 16C0 11BA 7F8C DCF7 E1D5 FAF4 444E 1C27 Tel. +49 6151 9067-231, Zentr. -0, Fax -299 - Amtsg. Darmstadt HRB 85202 Unternehmenssitz Weiterstadt, Geschäftsführer Metin Dogan, Oliver Michel