Re: [Dovecot] SSL/TLS with Outlook client

2007-11-15 Thread Stuart Auchterlonie
Kyle Wheeler wrote: On Wednesday, November 14 at 10:51 PM, quoth Marcus Rueckert: rejecting on wrong information in HELO/EHLO saves me lots of spam. That's a half-baked idea at best, given that you're violating a MUST NOT in the SMTP specification. Plus, how do you judge "wrong"? Hotmail and

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Steffen Kaiser
On Wed, 14 Nov 2007, Nikolay Shopik wrote: The IMAP spec does not contain an identification of the client application to the server. There is no "HELO" as in SMTP. And HELO in SMTP is entirely unreliable, unverifiable, and on many servers completel

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Kyle Wheeler
On Wednesday, November 14 at 10:51 PM, quoth Marcus Rueckert: rejecting on wrong information in HELO/EHLO saves me lots of spam. That's a half-baked idea at best, given that you're violating a MUST NOT in the SMTP specification. Plus, how do you judge "wrong"? Hotmail and MSN both fail to us

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Marcus Rueckert
On 2007-11-14 13:31:00 -0600, Kyle Wheeler wrote: > On Wednesday, November 14 at 09:35 PM, quoth Nikolay Shopik: > >>And HELO in SMTP is entirely unreliable, unverifiable, and on many > >>servers completely skippable. > >> > >RFC says you SHOULD use FQDN for HELO nothing more. But still you > >ca

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Kyle Wheeler
On Wednesday, November 14 at 09:15 PM, quoth Timo Sirainen: On Wed, 2007-11-14 at 12:29 -0600, Kyle Wheeler wrote: On Wednesday, November 14 at 11:51 AM, quoth Ed W: > Is TLS always performed BEFORE auth with generally available POP/IMAP > clients? .. Technically, there's nothing in the IMAP s

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Nikolay Shopik
On 14.11.2007 22:31, Kyle Wheeler wrote: On Wednesday, November 14 at 09:35 PM, quoth Nikolay Shopik: And HELO in SMTP is entirely unreliable, unverifiable, and on many servers completely skippable. RFC says you SHOULD use FQDN for HELO nothing more. But still you can add SPF record for your

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Kyle Wheeler
On Wednesday, November 14 at 09:35 PM, quoth Nikolay Shopik: And HELO in SMTP is entirely unreliable, unverifiable, and on many servers completely skippable. RFC says you SHOULD use FQDN for HELO nothing more. But still you can add SPF record for your HELO so nobody can forge your server HELO

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Timo Sirainen
On Wed, 2007-11-14 at 12:29 -0600, Kyle Wheeler wrote: > On Wednesday, November 14 at 11:51 AM, quoth Ed W: > > Is TLS always performed BEFORE auth with generally available POP/IMAP > > clients? .. > Technically, there's nothing in the IMAP spec that forbids doing it > the other way around, Actu

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Nikolay Shopik
On 14.11.2007 21:30, Kyle Wheeler wrote: On Wednesday, November 14 at 02:18 PM, quoth Steffen Kaiser: On Wed, 14 Nov 2007, Ed W wrote: Is TLS always performed BEFORE auth with generally available POP/IMAP clients? The IMAP spec does

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Kyle Wheeler
On Wednesday, November 14 at 02:18 PM, quoth Steffen Kaiser: >On Wed, 14 Nov 2007, Ed W wrote: > >> Is TLS always performed BEFORE auth with generally available POP/IMAP >> clients? > >The IMAP spec does not contain an identification of the client app

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Kyle Wheeler
On Wednesday, November 14 at 11:51 AM, quoth Ed W: Is TLS always performed BEFORE auth with generally available POP/IMAP clients? Yes, because that's generally the entire point of using encryption. After all, what's more important: encrypting your username/password before transmitting it over

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Steffen Kaiser
On Wed, 14 Nov 2007, Ed W wrote: Is TLS always performed BEFORE auth with generally available POP/IMAP clients? The IMAP spec does not contain an identification of the client application to the server. There is no "HELO" as in SMTP. Bye, - --

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-14 Thread Ed W
Is TLS always performed BEFORE auth with generally available POP/IMAP clients? Random idea but if there were some way to identify the client BEFORE presenting the certificate then it would be possible to present one of a number of certificates depending on the incoming client (don't fancy

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-13 Thread Nikolay Shopik
Agree with Hugo, most root CAs have intermediate certificates which should be supplied with your server certificate. Otherwise the chain won't work and any client won't trust it. - original message - Subject: Re: [Dovecot] SSL/TLS with Outlook client From: Hugo Monteiro <[EMAIL PRO

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-13 Thread Hugo Monteiro
Eli Sand wrote: Hugo Monteiro wrote: Ah ... wildcard certs .. from what i recall, certs issued like *.example.com were not very well accepted by M$ clients. You should test against non wildcard certs and see how it behaves. Already have and no luck :( My domain is elisand.com and I ha

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-13 Thread Eli Sand
Hugo Monteiro wrote: > Ah ... wildcard certs .. from what i recall, certs issued like > *.example.com were not very well accepted by M$ clients. You should > test against non wildcard certs and see how it behaves. Already have and no luck :( My domain is elisand.com and I have tried *.elisand.com

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-13 Thread Hugo Monteiro
Eli Sand wrote: Nikolay Shopik wrote: Usually it works like this. You configure your mail client with an address like mail.example.com; when the mail client establishes a connection to the server and receives the certificate, it compares the CN with its current configuration. So if you configure connect to mx

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-13 Thread Eli Sand
Nikolay Shopik wrote: > Usually it works like this. You configure your mail client with an > address like mail.example.com; when the mail client establishes a > connection to the server and receives the certificate, it compares the CN with its current > configuration. So if you configure connect to mx.example.com b

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-13 Thread Nikolay Shopik
On 13.11.2007 22:32, Ed W wrote: Nikolay Shopik wrote: On 13.11.2007 4:22, Jonathan Bond-Caron wrote: Anyone have any solution to this? I'm also getting a "The target principal name is incorrect." in Outlook 2007. Is this a problem with dovecot? That's probably because your CN doe

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-13 Thread Ed W
Nikolay Shopik wrote: On 13.11.2007 4:22, Jonathan Bond-Caron wrote: Anyone have any solution to this? I'm also getting a "The target principal name is incorrect." in Outlook 2007. Is this a problem with dovecot? That's probably because your CN doesn't match your server in certifica

Re: [Dovecot] SSL/TLS with Outlook client

2007-11-13 Thread Nikolay Shopik
On 13.11.2007 4:22, Jonathan Bond-Caron wrote: Anyone have any solution to this? I'm also getting a "The target principal name is incorrect." in Outlook 2007. Is this a problem with dovecot? That's probably because your CN doesn't match your server in certificate. Are you using self-si

[Dovecot] SSL/TLS with Outlook client

2007-11-12 Thread Jonathan Bond-Caron
Anyone have any solution to this? I'm also getting a "The target principal name is incorrect." in Outlook 2007. Is this a problem with dovecot?

Re: [Dovecot] SSL/TLS with Outlook client

2007-10-25 Thread Eli Sand
Rick wrote: > You could try the old import trick - do https://mail.elisand.com:993 and > accept the cert in IE. Outlook should then just accept it. Thanks Rick - that's a neat trick I didn't even know/think about. However, after trying it (IE7 doesn't seem to let you save invalid certs btw, in m

Re: [Dovecot] SSL/TLS with Outlook client

2007-10-25 Thread Rick Romero
You could try the old import trick - do https://mail.elisan.com:993 and accept the cert in IE. Outlook should then just accept it. Rick On Thu, 2007-10-25 at 10:08 -0400, Eli wrote: > I am trying to get TLS to work with Outlook 2007 and I've hit a small > problem. Whenever I start it up, I get

[Dovecot] SSL/TLS with Outlook client

2007-10-25 Thread Eli
I am trying to get TLS to work with Outlook 2007 and I've hit a small problem. Whenever I start it up, I get this error: "The server you are connected to is using a security certificate that cannot be verified. The target principal name is incorrect." (yes/no choice of trusting) I first tried wi