On Sun, 23 Feb 2014, Dirk Stöcker wrote:
If this is important to you, set:
smtp_tls_exclude_ciphers=aNULL
for the transport that delivers mail between your internal systems.
Does not sound like what I want. I don't want to hardcode a specific handling
for some servers, I want that the "trusted" state is logged properly in any
possible case.
Here I was wrong. At least it fixes the immediate trust issue. But if I'm
right it still does not even try to verify the hostname, right?
I hope there aren't any TLS capable mailservers, which fallback to
unencrypted transmission, when I use this.
Ciao
--
http://www.dstoecker.eu/ (PGP key available)
