On 15 February 2017 8:34:55 PM AEDT, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: > >> On Feb 15, 2017, at 4:27 AM, Henry <der...@gmail.com> wrote: >> >> With this being the case what is the point of using SSL certificates >> for sending? > >I repeat myself. Typically none. They largely only cause some harm. > >> There is a long discussion on using is here however I am >> not unsure of the purpose. > >Certificates on mail servers are for inbound email. Only very rarely >are >they an alternative to SASL authentication for submission.
I think some defense contractors also use certificates for mutual authentication for classified emails with a big administrative overhead for distributing fingerprints to other organisations and client support to indicate that a message can't be sent over unauthenticated SMTP conversations. > >> >https://community.letsencrypt.org/t/using-lets-encrypt-certs-with-postfix/18957 >> >> If it does not secure the outbound does it in anyway help to validate >> that I as the source am legitimate? > >Look at the last two comments in that topic (and guess who their author >is). > >Any fool/miscreant can get himself a certificate, having one proves >nothing. > > https://www.postfix.org/TLS_README.html#client_tls_limits
