Bill Landry put forth on 3/2/2010 2:01 AM: > On 3/1/2010 11:51 PM, Stan Hoeppner wrote: >> Daniel L. Miller put forth on 3/2/2010 1:18 AM: >>> OK - I'm an idiot. I'll just admit that up front and get it out of the >>> way. >>> >>> Now that that's settled, what is the difference between "SSL" and "TLS" >>> in a MUA - particularly Thunderbird - in a Postfix context? >>> >>> I would have sworn I used to use Thunderbird with "SSL" specified and >>> connected to my Postfix servers fine. Now, I can only connect in "TLS" >>> mode. What did I break? >> >> It's unlikely you'd forget setting up SSL. You would have likely >> created a >> self signed server certificate and would have installed it on all clients >> connecting to the server, just as must be done with web browsers >> connecting >> to a secure site for the first time. >> >> You've likely been using STARTTLS only, which doesn't require a key >> exchange >> as SSL/TLS does. STARTTLS != TLS. > > Huh, what? STARTTLS == Start TLS > > http://en.wikipedia.org/wiki/STARTTLS
He's talking about Thunderbird Bill. In that context, IIRC, one can check the STARTTLS option box, and if the outgoing SMTP server doesn't support STARTTLS, Thunderbird fails gracefully without error and falls back to plain text mode. If, on the other hand, one checks SSL/TLS, you don't get the graceful failure, but a hard error. This is the context of my STARTTLS != TLS comment. It's been a very long time since I messed with this, probably pre 2.0, so my memory could be a little foggy. I would hope the Mozilla team would have changed this behavior in recent revs of T-Bird. -- Stan
