[linux-elitists] Casual Encryption

Marc MERLIN marc@merlins.org
Sun Jul 28 19:15:49 PDT 2002


On Fri, Jul 12, 2002 at 12:06:23AM -0400, Jason Costomiris wrote:
> On Thu, Jul 11, 2002 at 10:59:25AM -0400, Aaron Sherman wrote:
> : I took a look at some of the docs out there, and it actually seems as if
> : encryption will *fail* if the sender cannot verify your certificate with
> : a CA.
> 
> As others have indicated, this is definitely configuration-dependent.
> 
> Consider this snip from my maillog:
> 
> Jul  7 09:52:05 neo postfix/smtpd[20603]: setting up TLS connection from usw-sf-fw2.sourceforge.net[216.136.171.252]
> Jul  7 09:52:05 neo postfix/smtpd[20603]: TLS connection established from usw-sf-fw2.sourceforge.net[216.136.171.252]: TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
 
BTW, you can thank me for having enabled that :-)

The only problem is remote mail servers that advertize auth, but then fail
miserably when you try to use it.
The said people then complain that they can't get mail.

Oh well...

Marc
-- 
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking 
Home page: http://marc.merlins.org/   |   Finger marc_f@merlins.org for PGP key



More information about the linux-elitists mailing list