On 2/16/21 2:29 AM, Kevin Shell wrote:
What requirements are needed for smtps imaps pop3s nntps client programs
to tunnel thru squid proxy?
On 16.02.21 11:28, Alex Rousskov wrote:
If your Squid is a forward proxy, then those clients have to support
HTTP (and/or HTTPS) forward proxies. In other words, they should
establish a standard HTTP CONNECT tunnel through Squid.
If you are intercepting their traffic, then there are no special
requirements for those clients. You will have to configure Squid to
splice the intercepted connection before getting to unencrypted bytes so
your Squid will be limited to very basic checks at or below the TLS layer.
also, squid must allow CONNECT to smtps, imaps, pop3s and nntps ports.
which usually means, they have to be added to ssl_ports ACL.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
