>Thank you for the binary. It works perfectly on my test server.
>However I have a couple of questions regarding this:
>
>1. In Outlook Express I have two security checkboxes when configurating the
>client against a server. One is "Log on using Secure Password
>Authentication" and the other is "This server requires a secure connection
>(SSL)". When using #2 all is well but when checking in #1 authetication is
>not performed. I figure this "Secure Password Authentication" is Micros~1
>specific and not compatible with DNEWS. Is this true?
Yes.
>2. Using "Secure Password Authentication" however is not neccesary since
>the password is SSL encrypted when #2 is checked. Right?
Yes.
>3. The DNEWs server still answers on port 119. This allows uers to login
>with the password unencrypted if they didn't follow the instructions to
>change their client to use SSL. Can I make DNEWS send a customized
>errormessage on port 119 before asking for password athentication? If not
>can I prevent DNEWS from answering on port 119?
yes sort of, add to dnews.conf
nntp_logoff Please modify your client to use SSL
And in access.conf add:
*:logoff:::*
127.0.01:read,post:::*
I think that will do the trick, basically their is a fault in the ssl
wraping in that
the connections appear to come from the local host, and you can exploit that
to refuse connections that don't come from the local host. The down side
is you really need to use user/passwords for access control as ip addresses
are not applied in access.conf correctly.
ChrisP.
>Best regards,
>Erik Alsmyr
>
>"Chris" <[EMAIL PROTECTED]> wrote in message
>news:39ea6f73$[EMAIL PROTECTED]...
> >
> > "Erik Alsmyr" <[EMAIL PROTECTED]> wrote:
> > >I need to add SSL or some other encryption between news clients (outlook,
> > >netscape) and my DNEWS server. I read in the manual about techniques for
>it
> > >in UNIX environment but I use NT.
> > >
> > >The important issue is to encrypt the user authenication process, not the
> > >content of the messages. But I believe I have to use encryption on all
> > >traffic.
> > >
> > >Has someone done this?
> > >
> > >Please point me to some instructive document on how to handle this in
>NT4.
> > >
> >
> > Hi, I've looked into this and we can provide you with a binary
> > for NT, I'll email you directly with more details, for stupid export
> > reasons we will need to get you to fill in a form first :-).
> >
> > ChrisP.
> >
