On Thu, 31 Jul 2003 20:34:15 +0200 Juri Haberland wrote:
Postfix-tls has the same "problems" but provides a file called
'tls_per_site', where you can disable TLS for a particular site -
obviously similar to 'esmtproutes'.
IMHO, what you are asking for is a workaround for bugs in other MTA
software. One can argue about that...
It's all very well to argue about correct behaviour in other MTAs.
But the problem remains, that mail remains undelivered. And sometimes,
email *is* important.
As I wrote in another mail, if you don't check your logs, you're to blame
- not the software.
We're talking here about a feature in courier which allows for it to
fall back to an unencrypted connection if STARTTLS negotiation fails.
Exim is a great example reasonable behaviour. If it tries STARTTLS, and
that fails, it falls back to an unencrypted connection, logging this
fact; email gets delivered. However, exim can be told to specifically
insist on STARTTLS with certain sites, in which case, a failure to
negotiate a secure connection will cause the message to bounce. We might
want this kind of behaviour with certain sites.