Hi Chris, Thanks for the reply. Please see embedded comments.
On Jan 11, 2010, at 11:11 AM, Christoph Anton Mitterer wrote: > On Mon, 2010-01-11 at 11:04 -0500, Dennis Putnam wrote: >> I want to enforce TLS but I don't care what certificate the receiver >> uses. Thanks. > Apart from the fact that enforcing TLS with SMTP is usually a bad idea, > setting the > smtp_tls_security_level = encrypt > should usually do what you mean, enforce TLS with the remote SMTP > server, but accept untrusted certs or even those with a wrong name. I don't get to choose, I just have to do it. How these parameters work is still a little confusing to me. I have smtpd and smtp security levels set to 'may.' What I am trying to do it set up opportunistic TLS except for specific hosts that I need to enforce (smtp_tls_per_site). What I noticed is that this one site was using Thawte as the signing authority. I tried adding their root certificate to my config and now the error has changed to a warning about untrusted TLS connection but the mail seems to be moving now. Did I stumble on to a fix or am I still missing something? > > >> The information contained in this e-mail and any attachments is >> strictly confidential. If you are not the intended recipient, any use, >> dissemination, distribution, or duplication of any part of this e-mail >> or any attachment is prohibited. If you are not the intended >> recipient, please notify the sender by return e-mail and delete all >> copies, including the attachments. > There is (at least in most countries) no legal ground for so called > "disclaimers".... and they're quite stupid and annoying when sending > them to public mailing lists. I am quite familiar with the arguments but again it is not my choice. If you want, I can give you the number of our corporate lawyers and you can try to convince them. Perhaps you will have better luck than me. :-) > > > > Cheers, > Chris. Dennis Putnam Sr. IT Systems Administrator AIM Systems, Inc. 11675 Rainwater Dr., Suite 200 Alpharetta, GA 30009 Phone: 678-240-4112 Main Phone: 678-297-0700 FAX: 678-297-2666 or 770-576-1000 The information contained in this e-mail and any attachments is strictly confidential. If you are not the intended recipient, any use, dissemination, distribution, or duplication of any part of this e-mail or any attachment is prohibited. If you are not the intended recipient, please notify the sender by return e-mail and delete all copies, including the attachments.
