MrC wrote:
Victor Duchovni wrote:
It is interesting to see an MUA negotiate an anonymous session. Clearly
T-Bird did not care to ask for or verify the server certificate. Did
it require special configuration to enable this, or is this default
T-Bird behaviour?
I see the same in my logs - default setup + submission port.
Oct 21 22:00:53 glacier postfix/smtpd[2914]: Anonymous TLS connection
established from zion.mikecappella.com[10.0.0.10]: TLSv1 with cipher
DHE-RSA-AES256-SHA (256/256 bits)
Same thing here - *only* Anonymous TLS from Tbird, Eudora, and
Windows Mobile devices.
This is somewhat confusing to me since all those clients will
complain when the server certificate isn't valid, which is one
reason we coughed up the $15 for a real certificate.
--
Noel Jones
