[linux-elitists] Casual Encryption

Jason Costomiris jcostom@jasons.org
Thu Jul 11 21:06:23 PDT 2002


On Thu, Jul 11, 2002 at 10:59:25AM -0400, Aaron Sherman wrote:
: I took a look at some of the docs out there, and it actually seems as if
: encryption will *fail* if the sender cannot verify your certificate with
: a CA.

As others have indicated, this is definitely configuration-dependent.

Consider this snip from my maillog:

Jul  7 09:52:05 neo postfix/smtpd[20603]: setting up TLS connection from usw-sf-fw2.sourceforge.net[216.136.171.252]
Jul  7 09:52:05 neo postfix/smtpd[20603]: TLS connection established from usw-sf-fw2.sourceforge.net[216.136.171.252]: TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)

I rolled my own cert.  Crypto yes, Authentication, nope.  That's ok with me.

Postfix was amazingly easy to setup to do TLS for both mail transit, as well
as relay from clients, as well as setup SASL to authenticate those relay
users (took *maybe* 5 minutes, including reading).

-- 
Jason Costomiris <><           |  Technologist, geek, human.
jcostom {at} jasons {dot} org  |  http://www.jasons.org/ 
          Quidquid latine dictum sit, altum viditur.
                    My account, My opinions.



More information about the linux-elitists mailing list