Re: [courier-users] outbound TLS errors

Mon, 11 Oct 2004 02:30:54 -0700

I would argue that this *is* the correct behavior *for Courier* in this situation... which is that the remote server indicates that it supports STARTTLS. But due to a remote configuration error -- probably a lack of a certificate -- TLS doesn't actually function. I rather like the idea of knowing that a server says it can communicate securely but really doesn't deliver on that.

As for esmtproutes, I prefer a simpler form that *just* disables secure communication to one or more domains.

    domain.com: /SECURITY=NONE

Why? Because I don't like the idea of forcing my server always to talk through just one MX. And by not indicating it in the routes line, I'm really doing what I intended: just turn off secure communication with that domain.

Bill


Jacob S. Barrett wrote:

Add a line like this to esmtproutes:

mrswashington2003.com:mail.mrswashington2003.com/SECURITY=NONE

This says that for mail to mrwashington2003.com go through the host "mail" wtih no SSL/TLS.


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to