Steven Hildreth wrote:
> > Encrypting SMTP is probably a waste of cpu cycles, since it's terribly
> > unlikely that the message will be passed from your mail server to the
> > next in anything but plain text.
>
> When you are dealing with enties like the NSA, CIA, FBI and such for email,
> they want all points encrypted. Because of the work we do at my current
> employer all ports are SSL, I was actually asked if we could do PGP on the
> ports real-time, geez..
You're using sendmail 8.10.0, you said. Does that version support TLS?
I thought that feature wasn't yet introduced.
I'm curious about the behavior (since I haven't used sendmail for some
time), how difficult is it to compile/configure? And have you verified
that it is, in fact delivering messages to the NSA, CIA, FBI, and such
over SSL? (using tcpdump/ngrep and friends?)
> > My certs are self signed, and netscape hasn't complained. It warned me
> > that the signature was not recognised the first time that I used it, but
> > that's the intended behavior. Outlook does the same.
>
> When I was using Netscape it would ask for this every time a connection was
> made, every time. Got real old if you have the email check time set to 5
> minutes then every damn five minutes prompt for this certificate business. I
What was the error? Was it complaning that it did not recognise the
signing authority, or that the certificate was for the wrong host? If
it was the former, then this behavior would be strange, but has been
fixed (it does not do that on my setup). If it was the latter, this
behavior is correct (sorta). If the certificate is not for the host you
are contacting, your application is supposed to warn you.
MSG
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
