>Matus UHLAR - fantomas writes:
>>What error does courieresmtp generate now, when it encounters STARTTLS
>>error with SMTP server?
>>Can I turn on fallback to plaintext SMTP, when courier encounters such
>>error?
>>
>>While I would like to use TLS where possible, I'm ok without it -
>>we currently send all mail without TLS now :)

On 15.08.11 15:02, Sam Varshavchik wrote:
>There are several possibilities. If the STARTTLS command itself 
>fails, it's an SMTP error no different than any other SMTP error, 
>and will be either permanent or transient depending on its numerical 
>code. If the STARTTLS command succeeds, but TLS negotiation fails, 
>it's a permanent error. But in either case there is really no fallback 
>path.

Actually, there is, in both cases, but it needs administrator 
intervention.  But both cases need temporary failures and not dropping 
the mail immediately.

>For practical purposes TLS for SMTP is fundamentally broken.

hmm?

>Many TLS servers simply use self-signed certs, making TLS 
>fundamentally useless as means for effective encryption.

Imho still better than nothing. And servers that have signed 
certificates can already use trusted SSL path.

-- 
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Due to unexpected conditions Windows 2000 will be released
in first quarter of year 1901
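
The two failure cases discussed in this thread, as an added example that is not part of either message and is not Courier code: it parses the server's reply to STARTTLS and maps it to a delivery outcome as described above. `defer_tls_errors` is a hypothetical switch modelling the temporary-failure handling suggested in the reply, and the sample replies are constructed.

```python
import re

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

def parse_reply(lines):
    """Parse one SMTP reply (possibly multi-line) into (code, [text, ...])."""
    if not lines:
        raise ValueError("empty reply")
    code, texts = None, []
    for i, raw in enumerate(lines):
        m = REPLY_LINE.match(raw.rstrip("\r\n"))
        if not m:
            raise ValueError(f"malformed reply line: {raw!r}")
        if code is not None and m.group(1) != code:
            raise ValueError("reply code changed inside a multi-line reply")
        # "-" marks a continuation line, " " marks the final line.
        if (m.group(2) == " ") != (i == len(lines) - 1):
            raise ValueError("continuation marker does not match reply length")
        code = m.group(1)
        texts.append(m.group(3))
    return int(code), texts

def starttls_disposition(starttls_reply, handshake_ok, defer_tls_errors=False):
    """Return 'deliver-over-tls', 'transient' or 'permanent' for one attempt.

    defer_tls_errors is a hypothetical policy flag (not a Courier setting):
    when set, every STARTTLS-related failure is queued as a temporary error
    so an administrator can intervene before the mail is bounced.
    """
    code, _ = parse_reply(starttls_reply)
    if 200 <= code < 300:
        if handshake_ok:
            return "deliver-over-tls"
        failure = "permanent"      # command accepted, TLS negotiation failed
    elif 400 <= code < 500:
        failure = "transient"      # STARTTLS command rejected with a 4xx code
    elif 500 <= code < 600:
        failure = "permanent"      # STARTTLS command rejected with a 5xx code
    else:
        raise ValueError(f"unexpected reply code to STARTTLS: {code}")
    return "transient" if defer_tls_errors else failure

if __name__ == "__main__":
    # Constructed sample replies, not captured from a real server.
    multi = ["454-4.7.0 TLS not available", "454 4.7.0 try again later"]
    print(starttls_disposition(multi, handshake_ok=False))
    print(starttls_disposition(["220 2.0.0 Ready to start TLS"], False))
    print(starttls_disposition(["220 2.0.0 Ready to start TLS"], False, True))
```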
