I am not a complete expert on STARTTLS, but I have recently investigated it for a project that I was doing. If I am wrong in any of my following points, someone please correct me.
Firstly, STARTTLS will not encrypt your entire SMTP connection, just the AUTH info. If you want your actual email to be encrypted, your users would have to use PGP or something along those lines. Really all you are worried about is your SMTP auth info. Any further security from that should be with the client.

Secondly, I am not sure why the email client is trying to connect on port 465; it should still connect to port 25. From there your client should see that STARTTLS is available and use it if you have specified that option in your settings.

Hope that helps a little.

-Chad Morland

----- Original Message -----
From: "James Stevens" <[EMAIL PROTECTED]>
To: "qmail-ldap list" <[EMAIL PROTECTED]>
Sent: Thursday, April 11, 2002 1:00 PM
Subject: encrypting the SMTP connection

> I'd like to encrypt the smtp connection between my clients and my server
> and potentially between mail servers. I have the LDAP patch compiled in
> as well as the SMTP AUTH patch. All is functioning correctly. I have
> made the changes to the Makefile to enable TLS and when I telnet to my
> smtp port and ehlo it I see STARTTLS. I have also created my cert and it
> is in my control directory. But when I try to connect from my client to
> my server using a secure connection it errors. It seems to be looking
> for port 465 that is not available. What am I missing or am I not
> understanding this?
>
> Thanks in advance
> James Stevens
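
Added example, not part of either message above: the check James did by hand (telnet, EHLO, look for STARTTLS) done in Python on a constructed EHLO reply, followed by the command order a client uses on port 25. The hostname, the reply text and the function names are assumptions made for illustration.

```python
# Constructed EHLO reply for illustration; not output from the poster's server.
SAMPLE_EHLO = (
    "250-mail.example.org\r\n"
    "250-PIPELINING\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH LOGIN PLAIN\r\n"
    "250 8BITMIME\r\n"
)


def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a multi-line 250 EHLO reply."""
    lines = [l for l in reply.split("\r\n") if l]
    if not lines:
        raise ValueError("empty reply")
    exts = {}
    for i, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        if code != "250" or sep not in ("-", " ", ""):
            raise ValueError("unexpected reply line: %r" % line)
        last = i == len(lines) - 1
        # "250-" marks a continuation line, "250 " marks the final line.
        if (sep == "-") == last:
            raise ValueError("bad continuation marker: %r" % line)
        if i == 0:
            continue  # first line is the server greeting, not an extension
        words = text.split()
        if words:
            exts[words[0].upper()] = words[1:]
    return exts


def plan_session(reply, port=25):
    """Command order for a client on a plaintext port, plus warnings."""
    exts = parse_ehlo(reply)
    warnings = []
    if "STARTTLS" not in exts:
        warnings.append("STARTTLS not offered on port %d; not sending AUTH" % port)
        return ["EHLO", "QUIT"], warnings
    if "AUTH" in exts:
        warnings.append("AUTH is advertised before TLS; client must not use it yet")
    # After STARTTLS the client sends EHLO again and uses only that second reply.
    steps = ["EHLO", "STARTTLS", "<TLS handshake>", "EHLO", "AUTH", "MAIL FROM"]
    return steps, warnings


if __name__ == "__main__":
    for item in plan_session(SAMPLE_EHLO):
        print(item)
```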
