On 7/15/2013 3:14 PM, Wietse Venema wrote: > Ben Johnson: >> On 7/15/2013 1:10 PM, Viktor Dukhovni wrote: >>> On Mon, Jul 15, 2013 at 12:47:53PM -0400, Ben Johnson wrote: >>> >>>> In essence, our clients wish to use their own SSL certificates for their >>>> SMTP connections. >>> >>> Are these submission clients? What does the above mean? >>> >> >> Yes, these are submission clients. To be clear, our clients want to be >> able to configure their MUAs to use our MTA's submission service via >> their own domain names. I know; it is not necessarily a rational or >> reasonable request. > > It's entirely reasonable if they want to be able to change email > provider without having to update all their clients. >
This is the strongest argument that I've seen for adding SNI support to Postfix. I hadn't even considered this. Maybe this is the basis for our customers' respective positions; I wish they had made it clearer to begin with. > Unfortunately there are not a lot of development cycles for adding > a decent SNI implementation to Postfix. > > Wietse > I can't even imagine the complexities; I understand. In the meantime, I am all ears, regarding jf's question about SNI proxying via, for example, nginx. If that subject is best addressed to the nginx mailing list, I am happy to take the discussion to the appropriate list. Thanks again, -Ben
