Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 10 Jun 2001 18:40:27 -0400
From:      "Dan Langille" <dan@langille.org>
To:        "Si" <si@chemicalterrorism.com>
Cc:        <chat@freebsd.org>
Subject:   RE: MTA authentications
Message-ID:  <200106102240.f5AMeSU70666@lists.unixathome.org>
In-Reply-To: <IOEDLFEIFKOCCKPLMKOMOELJGFAA.si@chemicalterrorism.com>
References:  <200106101336.f5ADa1U61233@lists.unixathome.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 10 Jun 2001, at 23:37, Si wrote:

> > -----Original Message-----
> > From: owner-freebsd-chat@FreeBSD.ORG
> > [mailto:owner-freebsd-chat@FreeBSD.ORG]On Behalf Of Dan Langille
> > Sent: 10 June 2001 14:36
> > To: Alex Zepeda
> > Cc: chat@freebsd.org
> > Subject: Re: MTA authentications
> >
> >
> > On 10 Jun 2001, at 4:50, Alex Zepeda wrote:
> >
> > > On Sat, Jun 09, 2001 at 11:43:44PM -0400, Dan Langille wrote:
> > >
> > > > I also meant to say that it appears that this new "standard" is not
> > > > backwards compatible.
> > >
> > > It is very much so.  SSL is implemented via smtps (and depreciated), and
> > > is essentially just SMTP being wrapped with SSL.  TLS has been
> > integrated
> > > fully into SMTP (forgot the RFC here) via the STARTTLS (STLS in POP3)
> > > command.
> > >
> > > Thus your MTA seems to be coerced into attempting an TLS
> > connection (this
> > > is advertised w/ the EHLO response)... and it's being denied.  Likely
> > > because of lack of certificate.  If your MTA didn't support TLS at all,
> > > you {probably,should} see a different error message.
> [snip]
> 
> To answer your original post, i agree, these admins should not expect all
> mta's out there to support their stuff and the fact that a user of their
> domain is not aware that subscribing to mailing lists will bounce suggests
> the admin has 'just done this'.
> 
> IMHO it's lame and theres no need with tools such as rbl etc...

Thanks.

I'm getting conflicting answers between on-list and off-list.  Some say 
my MTA is misconfigured and should not be attempting TLS without a 
certificate.  Others say the receiving MTA is misconfigured and 
shouldn't be requiring my server to use TLS.

I'm confused.

-- 
Dan Langille
pgpkey - finger dan@unixathome.org | http://unixathome.org/finger.php

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106102240.f5AMeSU70666>