Wietse Venema:
> I have built an event-driven TLS proxy for postscreen(8). This
> addresses the problem that postscreen(8) could not be used when
> SMTP clients require STARTTLS support.
>
> The new daemon is called starttlsd(8). When a non-whitelisted (*)
> SMTP client sends a STARTTLS command, postscreen(8) will hand off
> the connection to starttlsd(8) and read/write the plaintext to/from
> starttlsd(8).
>
> The challenge was that one starttlsd(8) must be able to handle the
> TLS <=> plaintext translation for more than one SMTP client, but
> thanks to careful planning, it worked out of the box.

This is uploaded as postfix-2.8-20101230-nonprod. The code has had limited testing, so keep an eye on things if you intend to expose it to the network.

Wietse