On Tue, Jan 13, 2009 at 12:36:58AM -0800, Neil wrote: > I'm having some trouble configuring my server for SSL on the > submission port. I think it's my SSL configuration because using TLS > on Thunderbird worked fine, but SSL on Thunderbird (and Mail.app) > fails.
When mail clients say "SSL" they mean the non-standard SSL-wrapper mode, in which the connecting client first negotiates an SSL session and only then enters the SMTP protocol engine (server 220 reply, ...). When mail clients say "TLS", they mean "STARTTLS" in which instead (SSL or) TLS is negotiated inside the SMTP protocol after the server's EHLO response (which is expected to list "STARTTLS" as one of the supported ESMTP extensions). Therefore, it is wrong to expect "SSL" to work with a "STARTTLS"-enabled submission service or "TLS" to work with a wrapper-mode "SSL" encapsulated SMTP service. > I suspect it has to do with the error listed below; [ ... ] No, you are starting with a misconception of what "SSL" and "TLS" mean in this context. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the "Reply-To" header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: <mailto:majord...@postfix.org?body=unsubscribe%20postfix-users> If my response solves your problem, the best way to thank me is to not send an "it worked, thanks" follow-up. If you must respond, please put "It worked, thanks" in the "Subject" so I can delete these quickly.