On Sun, Oct 19, 2008 at 3:03 PM, mouss <[EMAIL PROTECTED]> wrote: > Noel Jones a écrit : >> mouss wrote: >>> Dan Phiffer a écrit : >>>> One thing I should have specified in my last message is that I still >>>> can't send email using SMTP over SSL. Mail.app behaves exactly the same >>>> as before and I'm still seeing "SSL_accept error" in mail.log. >>>> >>> >>> I suggest regenarting the certificate and setting the CN to the mail >>> server name (mail.gridfilter.com), instead of your name. >>> >> >> While that is correct, since it's a self-signed certificate it won't >> verify anyway. > > at least Thunderbird will keep barking if the CN doesn't match (if it > matches, it warns only once if the cert is accepted permanently). Maybe > Mail.app is even more picky?
>From previous experiences with Mail.app, this isn't so, Mail.app does not complain TOO much about a mismatched CN, as other suppliers I've used have this problem. (once when you open the program and that's about it). I think that it is still an implementation problem of some sort. (although I don't know enough about it to point fingers) > >> >> Set smtpd_tls_loglevel to 0 or 1 to suppress unimportant/unrelated >> messages. >> >> Looks to me as if TLS is working correctly - using openssl s_client OP >> was able to connect and communicate with the server. Since s_client >> works, I'm inclined to think any further problems are with Mail.app >> configuration. I'm not familiar with Mail.app; maybe it wants STARTTLS >> support on port 25 or 587 rather than the deprecated wrappermode on 465, >> or maybe it reacts badly to the mismatched name. >> > > -- ------- Issac Kelly servee.com issackelly.com --------------------------
