SZÉPE Viktor writes:
Hello!Could it be that Courier MTA cannot be configured to send emails securely (using SSL) to Sendgrid because they have their hostname in SAN not in CN?
The OpenSSL library does not validate peer hostnames, leaving it up to the application to do that. Courier's manual hostname validation code checks CN only.
Hostname validation for SMTP is a mess. Many servers use self-signed certs, not signed by a trusted CAs, as such most servers typically do not verify peer hostnames.
You can also recompile Courier to use GnuTLS, which handles hostname verification itself, and will presumably check SAN.
pgpDWOlfNdYSw.pgp
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
