oh. that sounds like a good approach. the tls implementation for exchange
seems
to imply that sending to hosts is done on a host by host basis - but i could
be interpreting
that incorrectly as well. in light of your response i have some follow up
questions:
1.)my assumption is that the smtp client will use it's own certificate, is
this correct ?
if it is, what are the /var/qmail/tlshosts/<clientcert>.pem files for ?
2.)i am signing the cert myself with openssl. do i need to run a CA for
these to work ?
thanks.
sean
-----Original Message-----
From: MarkD [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 31, 2001 4:38 PM
To: '[EMAIL PROTECTED]'
Subject: Re: TLS implementation.
TLS negotiated after the connection is established (basically they
send STARTTLS and take note of the response code). You should not need
to configure anything. What makes you think you need to do this?
Regards.
On Tue, Jul 31, 2001 at 04:24:53PM -0400, McHugh, Sean allegedly wrote:
> We almost have qmail with TLS.patch working on Solaris 8 (x86). Server
> allows starttls
> command and patch installed fine. We are a little stuck at the point
where
> we specify
> what host we want qmail-remote to invoke TLS for and what hosts we want
> qmail-smtpd to force to
> use TLS in sending to us. The patch documentation is not clear on how
this
> is done. Can anyone
> give me clue ? Is there a HOW-TO:Qmail/TLS for dummies like us ?
>
> sean
