3580 – Add support for some SSL options to spamc and spamd

Bug 3580 - Add support for some SSL options to spamc and spamd

Summary: Add support for some SSL options to spamc and spamd

Status:	RESOLVED DUPLICATE of bug 7185

Alias:	None

Product:	Spamassassin
Classification:	Unclassified
Component:	spamc/spamd (show other bugs)
Version:	SVN Trunk (Latest Devel Version)
Hardware:	Other other

Importance:	P5 enhancement
Target Milestone:	Future
Assignee:	SpamAssassin Developer Mailing List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-07-08 21:11 UTC by Sidney Markowitz
Modified:	2022-03-06 16:14 UTC (History)
CC List:	1 user (show)

Attachment	Type	Modified	Status	Actions	Submitter/CLA Status
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sidney Markowitz 2004-07-08 21:11:41 UTC

spamd and spamc make only minimal use of SSL, encrypting the data to protect
against eavesdropping on the network. It does not check that the host name of
the server matches the certificate that is presented, and it does not make use
of a list of trusted root certificates, which are two ways that the client can
verify that it is talking to the authorized server. It does not allow for use of
a client side certificate that would authenticate spamc to the server. OpenSSL
can support these functions, but it would require adding options to spamc and
spamd to specify their use.

The limitations in the support of SSL should be documented, along with the
suggestion that using a VPN may be a satsifactory workaround. It may be enough
to just document the lack of what we are not willing to implement.

Comment 1 Daniel Quinlan 2005-03-30 01:08:42 UTC

move bug to Future milestone (previously set to Future -- I hope)

Comment 2 Henrik Krohns 2022-03-06 16:14:46 UTC

Closing ancient stale bug.

*** This bug has been marked as a duplicate of bug 7185 ***