On Tue, Jan 13, 2009 at 12:36:58AM -0800, Neil wrote:
> I'm having some trouble configuring my server for SSL on the
> submission port. I think it's my SSL configuration because using TLS
> on Thunderbird worked fine, but SSL on Thunderbird (and Mail.app)
> fails.
When mail clients say "SSL" they mean the non-standard SSL-wrapper mode,
in which the connecting client first negotiates an SSL session and only
then enters the SMTP protocol engine (server 220 reply, ...). When mail
clients say "TLS", they mean "STARTTLS" in which instead (SSL or) TLS is
negotiated inside the SMTP protocol after the server's EHLO response
(which is expected to list "STARTTLS" as one of the supported ESMTP
extensions).
Therefore, it is wrong to expect "SSL" to work with a "STARTTLS"-enabled
submission service or "TLS" to work with a wrapper-mode "SSL" encapsulated
SMTP service.
> I suspect it has to do with the error listed below; [ ... ]
No, you are starting with a misconception of what "SSL" and "TLS"
mean in this context.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
