24 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Failback TLS for ...| From | Sent On | Attachments |
|---|---|---|
| Dino Ciuffetti | May 13, 2008 1:14 pm | |
| Owen O' Shaughnessy | May 13, 2008 1:40 pm | |
| Dino Ciuffetti | May 14, 2008 10:34 am | |
| Arno | May 14, 2008 10:57 am | |
| Dino Ciuffetti | May 14, 2008 11:43 am | |
| Milan Obuch | May 14, 2008 11:46 am | |
| Aidas Kasparas | May 14, 2008 11:53 am | |
| Arno | May 14, 2008 12:33 pm | |
| Lindsay Haisley | May 14, 2008 12:34 pm | |
| Lindsay Haisley | May 14, 2008 12:52 pm | |
| Bernd Wurst | May 14, 2008 1:34 pm | |
| Aidas Kasparas | May 14, 2008 2:15 pm | |
| Esa | May 14, 2008 2:21 pm | |
| Sam Varshavchik | May 14, 2008 3:43 pm | |
| Bernd Wurst | May 14, 2008 10:18 pm | |
| Aidas Kasparas | May 14, 2008 10:44 pm | |
| Jerry Amundson | May 14, 2008 11:20 pm | |
| Aidas Kasparas | May 15, 2008 12:09 am | |
| Owen O' Shaughnessy | May 15, 2008 12:22 am | |
| Esa | May 15, 2008 10:42 am | |
| Aleksander Adamowski | May 16, 2008 2:53 pm | |
| Dino Ciuffetti | May 17, 2008 1:53 am | |
| Aleksander Adamowski | May 29, 2008 12:15 pm |  .pl |
| Aleksander Adamowski | May 29, 2008 12:16 pm | .pl |
| Subject: | Re: [courier-users] Failback TLS for broken smtp servers? | |
|---|---|---|
| From: | Arno (ar...@disconnect.de) | |
| Date: | May 14, 2008 10:57:04 am | |
| List: | net.sourceforge.lists.courier-users | |
Hello,
On Wednesday 14 May 2008 19:35:04 Dino Ciuffetti wrote:
Hi. Thanks everybody for yesterday replay that solved my problem!!
Is it possible to make courier automagically failing back to plain text for broken smtp hosts that advertise STARTTLS but are broken on STARTTLS command returning something like: "454 TLS not available: missing RSA private key (#4.3.0)"?
I googled for it but I found only an old mail of this list saying this is not possible with courier.
AFAIK it isn't possible in general. But think about it: why should it? If you announce being able do TLS and actually you aren't why should you announce it in the first place? It's up to the receiving server to get it right. Either I do "speak" TLS and announce it, or I can't. In the latter case I can't announce it.
I know it's a common problem, and there are a lot of broken servers out there. But it's not up to the sending side to fix the problems of the receiving end...
You could try to make the admin of the the receiving server aware of the problem and have him fix it, but that's about it. Sometimes it works, most of the time it doesn't. At least that's my experience.
There's a workaround, though, but it's ugly: put something like
receiving-domain.example: mx.for.receiving.domain.example /SECURITY=NONE
in your esmtproutes. That fixes the problem for receiving-domain.example, but not in general. As I said, it's an ugly workaround.
HTH,
-- Regards,
Arno.