Hello all, Please allow me to apologize in advance for any ignorance here…and also, I have researched and am just not seeing the entire picture here.
My goal is to fully understand what is lost by using only self-signed certs on my PF server. Here’s what I think I know: — The fact that the cert is self-signed really only impacts mail coming into our organization from those who are outside the organization. — Because the cert cannot be verified, only anonymous ciphers can be negotiated between my server and the other side’s client. I have to believe there are more considerations here which of course is why I came to you all… OK - please educate as required…and as always many thanks in advance...