afm wrote:
When the proxy receives a CONNECT request, it is also told to what host the client would like to connect. So the proxy could generate a certificate matching that host name on the fly and negotiate an SSL connection with the browser.
What you're describing is effectively an SSL man-in-the-middle attack, and although you're doing it for useful purposes, it is the wrong way to go about this.
The correct solution is to set up your own reverse proxy, with your own real SSL cert, which can reverse proxy the webmail site. The module you described can then be used to virus scan the mail.
As a separate exercise, block access to the webmail systems, and inform people they must use your reverse proxied website instead in order to gain access.
Regards, Graham --
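
The reverse-proxy arrangement described in the reply above, sketched as an added example that is not part of the original thread. It assumes Apache httpd 2.4 with mod_ssl, mod_proxy, mod_proxy_http and mod_headers loaded; the host names and file paths are placeholders, and the scanning module's own directives are left as a comment because the thread does not name them.

```apache
# Added example (assumptions: Apache httpd 2.4; mail-gw.example.org and
# webmail.example.com are placeholder names; all paths are placeholders).
<VirtualHost *:443>
    # Users browse to the proxy's own name, not to the webmail site.
    ServerName mail-gw.example.org

    # Browser-facing TLS: a real certificate issued for the proxy's own
    # host name, so no certificate is generated on the fly for someone
    # else's name and clients need no extra trusted root.
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/mail-gw.example.org.crt
    SSLCertificateKeyFile /etc/ssl/private/mail-gw.example.org.key

    # Act as a reverse proxy only; never as an open forward proxy.
    ProxyRequests Off

    # Upstream TLS: the proxy is now the TLS client of the webmail site,
    # so it must do the certificate checks the browser used to do.
    SSLProxyEngine on
    SSLProxyVerify require
    SSLProxyCheckPeerName on
    SSLProxyCheckPeerExpire on
    SSLProxyCACertificateFile /etc/ssl/certs/ca-bundle.crt

    # Ask the upstream for uncompressed responses so a content filter
    # sees the real bytes of attachments rather than a gzip stream.
    RequestHeader unset Accept-Encoding

    # Map the whole site through the proxy and rewrite redirects and
    # cookie domains so sessions stay on the proxy's host name.
    ProxyPass        / https://webmail.example.com/
    ProxyPassReverse / https://webmail.example.com/
    ProxyPassReverseCookieDomain webmail.example.com mail-gw.example.org

    # The virus-scanning module is enabled here as a filter on proxied
    # traffic; its directives depend on the module and are not shown.
</VirtualHost>
```

Blocking direct access to the webmail site, the separate step mentioned in the reply, is done at the firewall or forward proxy and is not part of this virtual host.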