Arno wrote:
> Hello,
>
> On Wednesday 14 May 2008 19:35:04 Dino Ciuffetti wrote:
>> Hi. Thanks everybody for yesterday's reply that solved my problem!!
>>
>> Is it possible to make courier automagically fall back to plain text
>> for broken smtp hosts that advertise STARTTLS but are broken on STARTTLS
>> command returning something like: "454 TLS not available: missing RSA
>> private key (#4.3.0)"?
>>
>> I googled for it but I found only an old mail of this list saying this is
>> not possible with courier.
>
> AFAIK it isn't possible in general. But think about it: why should it? If you
> announce being able to do TLS and actually you aren't, why should you announce it
> in the first place? It's up to the receiving server to get it right. Either I
> do "speak" TLS and announce it, or I can't. In the latter case I can't
> announce it.
>
Why do you think it is not possible in general?
From a technical point of view, the server always provides an ESMTP
response to the STARTTLS command. This command can have a limited set of
reply codes {220,501,454}. Only the first of them says that TLS
negotiation should start. So, technically it is possible to distinguish
the cases.
As to why a host should advertise TLS capabilities and later refuse to
use them: mis/under-configuration is one reason (if the software detects
this in a lazy way). Lack of resources at the moment of the STARTTLS
command is another (load too high at the moment, TLS accelerator is
full, etc).
I do not have arguments why courier should not fall back in 454 cases
[remember the "be liberal in what you accept" internet principle?].
--
Aidas Kasparas
IT administrator
GM Consult Group, UAB
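
Added example, not part of the original message and not Courier's code: a sketch of how a sending MTA could tell the STARTTLS reply codes named above apart and choose what to do next. The Action names and the tls_required flag (for destinations where falling back to plain text is not acceptable) are assumptions made for illustration.

```python
from enum import Enum

class Action(Enum):
    START_TLS = "begin the TLS handshake"
    SEND_PLAINTEXT = "continue the session without TLS"
    DEFER = "requeue the message and retry later"

def parse_reply(lines):
    """Parse a possibly multi-line SMTP reply into (code, text)."""
    code, text = None, []
    for line in lines:
        line = line.rstrip("\r\n")
        head, sep = line[:3], line[3:4]
        if len(head) < 3 or not (head.isascii() and head.isdigit()) \
                or sep not in ("", " ", "-"):
            raise ValueError(f"malformed SMTP reply line: {line!r}")
        if code is not None and int(head) != code:
            raise ValueError("reply code changed inside a multi-line reply")
        code = int(head)
        text.append(line[4:])
        if sep != "-":  # "NNN text" (or a bare "NNN") is the final line
            return code, " ".join(text)
    raise ValueError("reply ended without a final line")

def starttls_action(reply_lines, tls_required):
    """Decide the next step from the server's answer to STARTTLS.

    Assumed policy: 220 starts TLS; 454 falls back to plain text only
    when TLS is optional for this destination; everything else (501,
    unexpected codes) is deferred rather than silently downgraded.
    """
    code, _ = parse_reply(reply_lines)
    if code == 220:
        return Action.START_TLS
    if tls_required:
        return Action.DEFER
    if code == 454:
        return Action.SEND_PLAINTEXT
    return Action.DEFER

if __name__ == "__main__":
    # Reply text quoted in the thread above.
    broken = ["454 TLS not available: missing RSA private key (#4.3.0)"]
    print(starttls_action(broken, tls_required=False).value)
    print(starttls_action(broken, tls_required=True).value)
```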