returning to an old thread... (sorry for the quoted reply w/o comments) >Matus UHLAR - fantomas writes: >>What error does courieresmtp generate now, when it envounters STARTTLR >>error with SMTP server? >>Can I turn on fallback to plaintext SMTP, when courier encounters such >>error? >> >>While I would like to use TLS where possible, I'm ok without it - >>we currently send all mail without TLS now :)
On 15.08.11 15:02, Sam Varshavchik wrote: >There are several possibilities. If the STARTTLS command itself >fails, it's an SMTP error no difference then any other SMTP error, >and will be either permanent or transient depending on its numerical >code. If the STARTTLS command succeeds, but TLS negotiation fails, >its a permanent error. But in either case there is really no fallback >path. There would be a fallback path, if courier returned and reported tempfail in such case: we could set up esmtproutes for such host that would disable using starttls there, and the mail would get delivered. Currently, when STARTTLS fails, courier issues permanent error which causes mail to be imediately lost, which is why we can not use starttls by default. Can you please change the STARTTLS error to cause temporary failure? Thank you. >For practical purposes TLS for SMTP is fundamentally broken. Many TLS >servers simply use self-signed certs, making TLS fundamentally >useless as means for effective encryption. Many does not mean all - those who use certificates signed by truaster authorities are safe. And we can still configure other certificates as trusted. -- Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside... ------------------------------------------------------------------------------ The demand for IT networking professionals continues to grow, and the demand for specialized networking skills is growing even more rapidly. Take a complimentary Learning@Cisco Self-Assessment and learn about Cisco certifications, training, and career opportunities. http://p.sf.net/sfu/cisco-dev2dev _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
