18 messages in net.sourceforge.lists.courier-usersRe: [courier-users] ESMTP_USE_STARTTL...| From | Sent On | Attachments |
|---|---|---|
| Matus UHLAR - fantomas | Aug 15, 2011 7:38 am | |
| Sam Varshavchik | Aug 15, 2011 12:02 pm | |
| Matus UHLAR - fantomas | Aug 16, 2011 12:07 am | |
| Matus UHLAR - fantomas | Oct 27, 2011 4:33 am | |
| Matus UHLAR - fantomas | Oct 27, 2011 4:45 am | |
| Alessandro Vesely | Oct 30, 2011 7:50 am | |
| Ben Kennedy | Oct 30, 2011 12:03 pm | |
| Alessandro Vesely | Oct 31, 2011 7:22 am | |
| Sam Varshavchik | Nov 3, 2011 5:47 pm | |
| Alessandro Vesely | Nov 4, 2011 3:53 am | |
| Matus UHLAR - fantomas | Nov 4, 2011 4:09 am | |
| Sam Varshavchik | Nov 4, 2011 5:25 am | |
| Sam Varshavchik | Nov 4, 2011 5:29 am | |
| Matus UHLAR - fantomas | Nov 4, 2011 5:45 am | |
| Sam Varshavchik | Nov 5, 2011 9:46 pm | |
| Alessandro Vesely | Nov 6, 2011 3:51 am | |
| Sam Varshavchik | Nov 6, 2011 4:16 am | |
| Matus UHLAR - fantomas | Nov 6, 2011 7:55 am |
| Subject: | Re: [courier-users] ESMTP_USE_STARTTLS error question | |
|---|---|---|
| From: | Matus UHLAR - fantomas (uhl...@fantomas.sk) | |
| Date: | Oct 27, 2011 4:45:19 am | |
| List: | net.sourceforge.lists.courier-users | |
returning to an old thread... (sorry for the quoted reply w/o comments)
Matus UHLAR - fantomas writes:
What error does courieresmtp generate now, when it envounters STARTTLR error with SMTP server? Can I turn on fallback to plaintext SMTP, when courier encounters such error?
While I would like to use TLS where possible, I'm ok without it - we currently send all mail without TLS now :)
On 15.08.11 15:02, Sam Varshavchik wrote:
There are several possibilities. If the STARTTLS command itself fails, it's an SMTP error no difference then any other SMTP error, and will be either permanent or transient depending on its numerical code. If the STARTTLS command succeeds, but TLS negotiation fails, its a permanent error. But in either case there is really no fallback path.
There would be a fallback path, if courier returned and reported tempfail in such case: we could set up esmtproutes for such host that would disable using starttls there, and the mail would get delivered.
Currently, when STARTTLS fails, courier issues permanent error which causes mail to be imediately lost, which is why we can not use starttls by default.
Can you please change the STARTTLS error to cause temporary failure? Thank you.
For practical purposes TLS for SMTP is fundamentally broken. Many TLS servers simply use self-signed certs, making TLS fundamentally useless as means for effective encryption.
Many does not mean all - those who use certificates signed by truaster authorities are safe. And we can still configure other certificates as trusted.
-- Matus UHLAR - fantomas, uhl...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside...
------------------------------------------------------------------------------ The demand for IT networking professionals continues to grow, and the demand for specialized networking skills is growing even more rapidly. Take a complimentary Learning@Cisco Self-Assessment and learn about Cisco certifications, training, and career opportunities. http://p.sf.net/sfu/cisco-dev2dev
_______________________________________________ courier-users mailing list cour...@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users