In a message written on Tue, Feb 02, 2021 at 04:54:18PM +0000, Antonio Leding wrote: > You're not doin' well son...quit diggin' and go back to rethink your > approach. I dare say at least a majority on this list, including > myself, will trust Viktor et al a far bit more than someone coming in > from the cold who freely admits the are not "well versed" in the app, > nor a key protocol used by that app, but then still feels qualified to > argue as to the (falsely) alleged flaws in that app...
This is not the first place I've discussed this, and the usual reception is some fascination at the interplay of the TLS library and the application. I have found many opinions of the severity or urgency, but I have yet in any previous community had anyone argue that dropping the TLS connection was a good behavior. I absolutely did not expect such a strong response suggesting this was good or even intentional. Perhaps I handled Viktor's reponse poorly as a result. I have followed this deep into sendmail and offered data on the improvements my suggestions made in that software.. I sought out the expertise of the OpenSSL developers (which I linked to). This information was offered after much consultation and real world testing. While I freely admit I don't have deep experience with the Postfix source code, I find it sad that might be a reason people dismiss effort to alert this community to my findings. One of the major positives of Open Source to me is that we can share knowledge and improvements across projects. I came here to make Postfix users/developers aware of this situation. That mission has been accomplished. Do with the information what you want. I'll be available off list if anyone has questions about my original post. -- Leo Bicknell - bickn...@ufp.org PGP keys at http://www.ufp.org/~bicknell/
