Hi Scott, >What is the general consensus of the 2.x release. Is it mostly safe to >run in production?
V2 is running in production for more than a year now (not every release - but the most) - 2.0.1_RC0.4.0x is the most fast release ever build! >I would like to know the state of SSL/TLS as well. I'm running TLS/SSL on windows without any problems. We have to stay on the modules IO::Socket::SSL and Net::SSLeay - and yes it could be possible, that some mail servers are unable to talk to these modules (SSL) - and yes this could be OS dependend. > One goal is to have ASSP blindly proxy traffic for the remote MTA This is implemented for TLS in V2 since 05.2008 ! >Meaning, if the remote >is not configured for MTA to MTA opportunistic SSL/TLS, then I would >want ASSP to not add in the features. ASSP only injects the 250-STARTTLS offer in the EHLO answer (if configured to do so) - if the remote MTA (client) does not support TLS (sends STARTTLS) - TLS will not be started. There is no chance to detect if the remote MTA (client) supports TLS or not (RFC 4954) - such handshake is not implemented in SMTP - except he is sending HELO, in this case ASSP will not offer 250-STARTTLS because this peer uses not extended SMTP. If configured ASSP will also send EHLO instead of HELO to the server, to possibly switch the server connection to TLS. >If the remote sends pipelining, PIPELINING is not supported by any ASSP version and the offer 250-PIPELINING will be removed from the protocol stack by ASSP - also CHUNKING and XEXCH50 These SMTP-features are breaking the major logic of ASSP. >I would like a real port mirror of the MTA. Disable TLS/SSL and sendEHLO and this will be the case - except CHUNKING, PIPELINING and XEXCH50 Thomas Scott Haneda <[email protected]> 21.08.2009 19:10 Bitte antworten an ASSP development mailing list <[email protected]> An "[email protected]" <[email protected]> Kopie Thema [Assp-test] General 2.x questions Hello. For some time now I have worked on a one command installer for ASSP 1.5.x for Mac OS X. It installs all perl modules, dependencies, and ASSP. Myself and one friend have it working. My friend is using it in full production sucessfully. I have halted the release waiting for a final stable of that branch. I myself ran into SSL/TLS errors that I could not resolve. I am considerig abandoning this in favor of putting the work into 2.x. What is the general consensus of the 2.x release. Is it mostly safe to run in production? I would like to know the state of SSL/TLS as well. One goal is to have ASSP blindly proxy traffic for the remote MTA. Meaning, if the remote is not configured for MTA to MTA opportunistic SSL/TLS, then I would want ASSP to not add in the features. If the remote sends pipelining, ASSP would just pass that along. SSL/ TLS is nice for those who do not have an MTA that supports it. If the MTA does, I would like a real port mirror of the MTA. If I telnet direct to the MTA and look at the transaction, I would expect it to be identical if ASSP was where I telnetted to, when it forward off to the MTA. If the stability is there, I will start rewriting my installer code to handle 2.x installs and updates. I'm also going to work on a full replacement of the stats pages to use rafaelJS for nice, non flash based MRTG style reports on ASSP traffic. Any pointers on where ASSP 2 is at with regard to being able to be used in production are appreciated. Thoughts on running on Dual CPU 2.0 Ghz PPC, 8GB ram, 4 drive sata 2 raid with 2x2 stripe/mirror. But I also have postfix, low overhead, and dovecot IMAP, which is disk I/O heavy with the amount of mail stores I have. -- Scott Iphone says hello. ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! ******************************************************* ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
