cfmail to Exchange using TLS
I am developing a solution for my company to be able to send email from our CF 8 application using TLS for security reasons and have a couple things that I would like to get clarified. I looked at the headers of the emails sent by my solution and I noticed that the transfer encoding was only 7 bit. The certificate that we are using on the development box is self signed so I am hoping that is the reason for the low encoding level, but I'm not sure. What I would like to clarify is the following: 1. Is the self signed certificate the reason for the encoding level? 2. Will a genuine certificate from a reputable source improve the encoding level? 3. Do I need to install a certificate somewhere in ColdFusion? 4. Is this a limitation of the CF 8 cfmail tag? 5. Is this something that needs to be addressed on the Exchange server? 6. Am I off the mark on this completely? I have no experience sending secured email from CF so any help or advice would be appreciated. TIA -- David Phelan ColdFusion/Flex Application Developer phelan.dav...@gmail.com ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:351315 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfmail to Exchange using TLS
The encryption level is determined by the cert. You can generate any type of cert yourself and it will do the same job but it will not be trusted in a browser is not provided by a known ca. The encryption is done by the cert on the mailserver so nothing to install on cf side. Why type of cert did you generate? On May 23, 2012 6:41 PM, David Phelan phelan.dav...@gmail.com wrote: I am developing a solution for my company to be able to send email from our CF 8 application using TLS for security reasons and have a couple things that I would like to get clarified. I looked at the headers of the emails sent by my solution and I noticed that the transfer encoding was only 7 bit. The certificate that we are using on the development box is self signed so I am hoping that is the reason for the low encoding level, but I'm not sure. What I would like to clarify is the following: 1. Is the self signed certificate the reason for the encoding level? 2. Will a genuine certificate from a reputable source improve the encoding level? 3. Do I need to install a certificate somewhere in ColdFusion? 4. Is this a limitation of the CF 8 cfmail tag? 5. Is this something that needs to be addressed on the Exchange server? 6. Am I off the mark on this completely? I have no experience sending secured email from CF so any help or advice would be appreciated. TIA -- David Phelan ColdFusion/Flex Application Developer phelan.dav...@gmail.com ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:351316 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
Re: cfmail to Exchange using TLS
I am developing a solution for my company to be able to send email from our CF 8 application using TLS for security reasons and have a couple things that I would like to get clarified. I looked at the headers of the emails sent by my solution and I noticed that the transfer encoding was only 7 bit. The certificate that we are using on the development box is self signed so I am hoping that is the reason for the low encoding level, but I'm not sure. What I would like to clarify is the following: 1. Is the self signed certificate the reason for the encoding level? 2. Will a genuine certificate from a reputable source improve the encoding level? 3. Do I need to install a certificate somewhere in ColdFusion? 4. Is this a limitation of the CF 8 cfmail tag? 5. Is this something that needs to be addressed on the Exchange server? 6. Am I off the mark on this completely? I have no experience sending secured email from CF so any help or advice would be appreciated. I think the answer to (6) is yes. The certificate should have nothing to do with the actual content of the email, and is just used to establish an encrypted connection. That said, if you're looking at the headers sent before the encrypted connection is established, you might not see anything beyond the standard 7-bit transfer encoding that SMTP supports. ESMTP and 8-bit MIME are required for more complex transfer encodings. I suspect you don't really get to see that information before the encrypted connection is established. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, o ~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:351317 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
