On Mon, Feb 23, 2009 at 05:40:05PM -0500, Timo Sirainen wrote:
> It's too late for a few times (until user fixes the client
> configuration), but not forever (because it won't work until the
> configuration is fixed). Also with a laptop the initial setup is often
> done in a relatively safe location such as home or office, while the
> connections afterwards could be done in all kinds of insecure places.
Perhaps, but often the setting is "TLS when available", so you only get
illusory protection. With Postfix, the right place to enforce this is
in the MTA. If some users need non-TLS MTAs, point them at alternative
submission server. Which mainstream MUAs can't do TLS submission at
this point in time?
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
