On Tue, March 7, 2006 6:56 am, [EMAIL PROTECTED] wrote: > Well, try to disable TLS of ESMTP module. > Some MTAs respond unsupported TLS request in an incorrect way. > When these MTAs meet "EHLO", they reply "250-STARTTLS"; > But actually they cannot support TLS indeed. > > > As well as your problem, another problem about TLS/SSL troubles me > now and again. Some destination hosts check certification too strict to > accept certification signed by my own CA. They recognize ONLY famous CAs > such as VeriSign and Thawte. > > Due to the above two reasons, I have to disable TLS/SSL of ESMTP.
No, you only need to disable it for hosts which "lie" about their TLS capabilities. > But some destination hosts force me to enable TLS/SSL of ESMTP. > What should I do in this chaos, Mr. Sam? Leave STARTTLS enabled for esmtp and only define exceptions in esmtproutes like this: badtls.com:badtls.com,25/SECURITY=NONE this tells Courier to refuse to use STARTTLS with a domain regardless of what the host claims to support. You can use grep or monitor your postmaster account for delays to determine when STARTTLS errors are taking place. Once the line is added, the message should go through successfully on the next delivery attempt. Or you could use "mailq" to identify the message and "courier flush <messageid>" to force a reattempt on delivery. Jay -- Jay Lee Network / Systems Administrator Information Technology Dept. Philadelphia Biblical University -- ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
