On Fri, Apr 08, 2011 at 11:09:00PM -0700, email builder wrote:

> I'm wondering about the usefulness of smtp(d)_tls_CAfile(path) when using
> opportunistic encryption in both incoming and outgoing connections. The
> TLS_README suggests that certificate and key files be left empty for
> opportunistic smtp processes, but it doesn't talk specifically about
> smtp_tls_CAfile(path).

For the SMTP server, you should NOT leave the cert file empty, as many
clients won't support aNULL ciphers. Rather, you need to set a self-signed
cert, if one of the usual CAs is not suitable. For the SMTP server, since
you probably won't ask for client certs, you never need a CAfile or CApath.

For the SMTP client, indeed, generally, your key and cert should be set
empty. On the other hand, it is a good idea in most cases to have a CAfile
and/or CApath with a few trusted roots.

> Am I correct to infer that both smtp(d)_tls_CAfile settings only serve
> a purpose when you want to verify client/server certificates?

> If that's the case, why does the example at the bottom of TLS_README
> use both the CAfile settings with only opportunistic encryption?

This reduces log noise, and improves the audit trail.

> Our system seems to work without any CAfile/CApath settings under
> opportunistic encryption both incoming and outgoing. Is there a
> performance or security difference between using them or not?

You should probably throw in a few trusted root CAs.

-- 
Viktor.
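As an added example, not part of Viktor's reply or of Postfix itself, here is a small checker that reads main.cf-style settings and flags the combinations this thread argues against (empty server cert, unused server CAfile, non-empty client cert, missing client trust store). The two main.cf fragments and every file path in them are constructed for illustration.

```python
"""Flag Postfix TLS settings that contradict the advice in the thread above."""

# Constructed sample main.cf fragments: the first follows the advice, the second does not.
GOOD_CF = """
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/postfix/smtpd.pem
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtp_tls_security_level = may
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
"""

BAD_CF = """
smtpd_tls_security_level = may
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_security_level = may
smtp_tls_cert_file = /etc/postfix/client.pem
"""


def parse_main_cf(text):
    """Parse 'name = value' lines; a line starting with whitespace continues the previous value."""
    params, last = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and last:
            params[last] += " " + raw.strip()
            continue
        name, _, value = raw.partition("=")
        last = name.strip()
        params[last] = value.strip()
    return params


def tls_findings(params):
    """Return a list of findings; an empty list means the settings match the advice."""
    findings = []
    # Server side: a cert is required (many clients lack aNULL); a CAfile is pointless without client certs.
    if (params.get("smtpd_tls_security_level") or "none") != "none":
        if not params.get("smtpd_tls_cert_file"):
            findings.append("server: smtpd_tls_cert_file is empty; clients without aNULL ciphers cannot start TLS")
        if (params.get("smtpd_tls_ask_ccert") or "no") == "no" and (
                params.get("smtpd_tls_CAfile") or params.get("smtpd_tls_CApath")):
            findings.append("server: smtpd_tls_CAfile/CApath set but client certs are never requested")
    # Client side: no cert/key for opportunistic TLS, but a few trusted roots are worthwhile.
    if (params.get("smtp_tls_security_level") or "none") != "none":
        if params.get("smtp_tls_cert_file") or params.get("smtp_tls_key_file"):
            findings.append("client: smtp_tls_cert_file/key_file should be empty for opportunistic TLS")
        if not (params.get("smtp_tls_CAfile") or params.get("smtp_tls_CApath")):
            findings.append("client: no smtp_tls_CAfile/CApath; add a few trusted roots to reduce log noise")
    return findings
```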