-
-
Notifications
You must be signed in to change notification settings - Fork 662
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add plain TLS support to forwarded backends (465 port) #3021
Comments
Yes, we should support that. |
Is anyone working on this? I'm building a cluster smtp relay container where some of the routing targets are 465 Implicit tls services. |
Nobody that has spoken up.
Clean PRs that are easy to review, and that include tests that make a reviewer confident the code does what it says on the tin, normally get merged within days. |
Ok, Just as a proof of concept I modified this file: // around line 718
let cryptoSocket
conn_options.rejectUnauthorized=false
const tmpCryptoSocket = net.connect(conn_options);
if (conn_options.port === 465) {
conn_options.socket = tmpCryptoSocket
cryptoSocket = tls.connect(conn_options);
} else {
cryptoSocket = tmpCryptoSocket
} Which means that opening the socket connection is not he problem. Getting the information about need for tls.socket is the tricky part. |
We've had a focus shift which means that we are no longer using Haraka for the project. What I've found so far is that as per my previous example it's technically quite easy. The hard part is how that information is relayed to socket connection time. One option would be to extend the "exchange/MX" object to support this. This could also be bound like the auth is bound. |
moved to wiki/TODO |
Is your feature request related to a problem? Please describe.
When mail server is reachable only via 465 port (TLS), Haraka must support it.
Describe the solution you'd like
There should be a way to configure backend to connect using 465 TLS port.
The text was updated successfully, but these errors were encountered: