Alexei Yu. Batyr' writes:
Sam Varshavchik wrote on 31.03.2013 8:02: > ... > * Changed error handling when sending mail to mail servers that > advertise that they can support encrypted SMTP, but fail to open an > encrypted connection once Courier takes up their offer. Removed the > /SECURITY=NONE option from esmtproutes. When sending mail to a server > that advertises STARTTLS, but either subsequently rejects the STARTTLS > request with an error message, or by dropping the connection, the mail > is requeued, and the server's name is logged. Subsequent connection > attempts to the same server, to resend this message or send any other > message, will ignore the server's STARTTLS capability. This is logged > in a rotating log file, that's erased after 2-4 hours, at which time > the next connection attempt will once again attempt to use STARTTLS, > and see what happens. > > * /SECURITY=REQUIRED replaces /SECURITY=NONE. If set, in esmtproutes, > mail will not be sent to this mail server, without STARTTLS. Note, > though, that this doesn't mean much, unless ESMTP_TLS_VERIFY_DOMAIN is > set to 1 in courierd (together with the additional variables that are > documented there), which will require remote mail servers to use valid > certificates signed by a trusted CA root. > So, from this version on, I cannot maintain my STARTTLS-free SMTP infrastructure (only explicit SSL on dedicated port). Would it be possible to add some configure script parameter, e.g. --smtp-starttls-disable, which will act as ": /SECURITY=NONE" in esmtproutes and remove STARTTLS advertizing from ESMTP greeting (250-XSECURITY=NONE instead of 250-XSECURITY=NONE,STARTTLS)? Or at least leave /SECURITY=NONE as it was?
Not exactly sure what you're looking for, but to disable TLS completely, you just need to remove the couriertls binary. This will prevent Courier from sending mail using STARTTLS, without having to diddle with esmtproutes, and will prevent Courier's esmtpd server from advertising STARTTLS. This is true now.
Nothing changes about incoming mail.
pgpGiwuviKQV8.pgp
Description: PGP signature
------------------------------------------------------------------------------ Own the Future-Intel® Level Up Game Demo Contest 2013 Rise to greatness in Intel's independent game demo contest. Compete for recognition, cash, and the chance to get your game on Steam. $5K grand prize plus 10 genre and skill prizes. Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
