--- On Thu, 11/26/09, Victor Duchovni <victor.ducho...@morganstanley.com> wrote:
> From: Victor Duchovni <victor.ducho...@morganstanley.com> > Subject: Re: CMD tool to check if next SMTP hop can use TLS for messages? > To: postfix-users@postfix.org > Date: Thursday, November 26, 2009, 3:33 PM > On Thu, Nov 26, 2009 at 05:02:33AM > -0800, Harakiri wrote: > I have an unreleased utility to probe the TLS support of > remote TLS > servers, but it is NOT intended for use during message > delivery or > by content filters. Rather, the purpose is to determine the > available > security options for a tls policy entry for the > destination. > > - Is TLS available at all > - What ciphers > - What certificate issuer(s), subject CN and > altNames. sound interesting - is there a CMD app available? > What problem are you actually trying to solve? I know about all the difficulties with MX lookup etc, the original goal would be - that i have a policy for external domains - and that for certain domains a message should only be sent if TLS is available - if a message to a certain domain is sent which does not support TLS - it should be blocked - i know i could probably do this with a policy server but i already have a custom 'filter' with an existing policy system - so thats why i asked if there is a tool which could query a server for TLS support - also i would like to visualize in my graphical mail log that the message has been sent using TLS. Thanks