On Tue, Jan 22, 2013 at 03:05:50PM +0000, Marco wrote:
Hello perdition users!
I really appreciate Perdition, works great also in large environment!
I see that Perdition supports STARTTLS/STLS to manage secure connections.
In my network I would like separate "good" ips and "bad" ips, where
"good" can establish a clear connection (tls_listen), and "bad" must
starttls (tls_listen_force), all on the same perdition server.
Is this possible?
It would be very useful for me if ssl_mode could be user based (for
instance set on LDAP profile of the account). Otherwise, it could be
very useful a behaviour like Postfix: local networks can connect without
encryption, and other must use STARTTLS.
Hi Marco,
I agree that is a good idea and I am somewhat familiar with how
Postfix can be configured to achieve this. Unfortunately perdition
does not have a mechanism to support this at this time. So some
code enhancement would be required in order to support the feature
you describe.