Lindsay Haisley writes:
So it looks as if the issue here is that courier is using only SSL/TLS v2 or v3. If I spec TLS v1 to couriertls I get, with no errors:# TLS_VERIFYPEER=NONE TLS_PROTOCOL=TLS1 couriertls -host=mx.nv.net -port=25 - protocol=smtp -printx509=2
The setting is TLS_PROTOCOL=TLSv1 in the current version.The default setting should negotiate either SSLv3, or TLSv1. It's my understanding is that the way it works is that the client requests SSLv3 with a protocol option indicating that it supports TLSv1 too, and the server, if it supports TLSv1, selects it. Or, the other way around.
It's difficult to see how and where to do this. There are 3 config files in which TLS_PROTOCOL can be set for ESMTP: courierd, esmtpd esmtpd-ssl. It's also unclear whether courier is using the OpenSSL or GnuTLS libs, and the syntax of TLS_PROTOCOL settings depends on which of these in in the loop. Both are available on the system. Where should I set this and which syntax should I use?
TLS_PROTOCOL is used for OpenSSL only. The settings in the courierd file are used when Courier is sending mail, the other two when it's the server, receiving mail.
The next time I have some free time, I'll rebuild Courier to use GnuTLS and see if it can talk to that capricious server, by default.
pgpaadNUw7WRY.pgp
Description: PGP signature
------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available. Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
