Sam Varshavchik wrote on 31.03.2013 8:02: > ... > * Changed error handling when sending mail to mail servers that > advertise that they can support encrypted SMTP, but fail to open an > encrypted connection once Courier takes up their offer. Removed the > /SECURITY=NONE option from esmtproutes. When sending mail to a server > that advertises STARTTLS, but either subsequently rejects the STARTTLS > request with an error message, or by dropping the connection, the mail > is requeued, and the server's name is logged. Subsequent connection > attempts to the same server, to resend this message or send any other > message, will ignore the server's STARTTLS capability. This is logged > in a rotating log file, that's erased after 2-4 hours, at which time > the next connection attempt will once again attempt to use STARTTLS, > and see what happens. > > * /SECURITY=REQUIRED replaces /SECURITY=NONE. If set, in esmtproutes, > mail will not be sent to this mail server, without STARTTLS. Note, > though, that this doesn't mean much, unless ESMTP_TLS_VERIFY_DOMAIN is > set to 1 in courierd (together with the additional variables that are > documented there), which will require remote mail servers to use valid > certificates signed by a trusted CA root. > So, from this version on, I cannot maintain my STARTTLS-free SMTP infrastructure (only explicit SSL on dedicated port). Would it be possible to add some configure script parameter, e.g. --smtp-starttls-disable, which will act as ": /SECURITY=NONE" in esmtproutes and remove STARTTLS advertizing from ESMTP greeting (250-XSECURITY=NONE instead of 250-XSECURITY=NONE,STARTTLS)? Or at least leave /SECURITY=NONE as it was?
-- Alexei. ------------------------------------------------------------------------------ Own the Future-Intel® Level Up Game Demo Contest 2013 Rise to greatness in Intel's independent game demo contest. Compete for recognition, cash, and the chance to get your game on Steam. $5K grand prize plus 10 genre and skill prizes. Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
