On Tue, Mar 02, 2010 at 12:30:21PM -0800, Daniel L. Miller wrote:
> Ok - inferring from that, I tried:
> 192.168.0.110:128 inet n - - - - smtpd
> -o smtpd_tls_wrappermode=yes
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>
> Now connecting from Thunderbird SSL works - TLS does not. Just confirming
> - is this expected and proper behaviour?
Yes, of course. SSL after SMTP won't work with a service that runs SMTP
after SSL. The "SMTP inside SSL" service and "SSL inside SMTP" services
are not inter-operable and cannot be deployed on the same port.
The "SMTP over SSL" service (wrappermode=yes) is a legacy non-standard
service and should be phased out once all clients support "SSL over SMTP"
(aka STARTTLS).
--
Viktor.
P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
