On 19/04/12 14:26, Sam Varshavchik wrote: >> That postfix config example allowed for MULTIPLE bindings to >> MULTIPLE IPs with each providing it's own outgoing hostname and >> SSL certificate. > > You're using client certificates to authenticate your outbound SSL > connections?
Sorry Sam, now I see what I did not explain properly. It's for incoming SMTPS connections on port 465 so that when a client connects to the server they can use "theirdomain.com" for the outgoing mailserver with their own "theirdomain.com" SSL cert. When the message gets delivered it appears to the recipient as if coming from theirdomain.com and passes all SPF and eyeball checks as to looking like it really did come from the theirdomain.com mailserver with no hint of any other domainname involved, including the canonical server hostname. The "magic" is that there can be MULTIPLE virtual hosts on the same physical server all providing their own masqueraded identities with the sending clients connecting to what they think is their own mailserver and for all intents and purposes, they are. *** Some people dismiss this as trivial vanity provisioning but we MAY be facing a legal requirement to keep all mail for 7 years, not just the mailserver logs, so to save problems down the track it would be excellent if each domain owner has a mail record that only shows their own identity and does not implicate or involve any other domain entity. Normally we would have to provide separate server hardware for each domain client to satisfy this requirement, most providers currently do, but if this mailserver virtualisation works then we can obviously provide the same service MUCH cheaper than anyone else and therefor have a business case for wanting to do this. My brief testing with postfix shows that it can do this but I would prefer to stick to courier if possible, mainly because I appreciate the support that you and others on this list provide. ------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2 _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
