Osama Al-Hassani:
> > Which Postfix SMTP client implementation matches server certificates
> > against server IP addresses?
>
> We are using 3.2.0 vanilla.
>
> To clarify, this is when using the "match" attribute with "verify" security
> level. I could rephrase the question as to why anything
DNS names are
ignored in the SANs field?
Thanks,
Osama
-Original Message-
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Wietse Venema
Sent: 15 June 2017 21:47
To: Postfix users
Subject: Re: Outbound TLS Certificate Verification
Os
; Osama
>
> -Original Message-
> From: owner-postfix-us...@postfix.org
> [mailto:owner-postfix-us...@postfix.org] On Behalf Of Viktor Dukhovni
> Sent: 15 June 2017 01:33
> To: postfix-users@postfix.org
> Subject: Re: Outbound TLS Certificate Verification
>
> On W
...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Viktor Dukhovni
Sent: 15 June 2017 01:33
To: postfix-users@postfix.org
Subject: Re: Outbound TLS Certificate Verification
On Wed, Jun 14, 2017 at 09:12:20PM +, Osama Al-Hassani wrote:
> When verifying server certificates on outbo
On Wed, Jun 14, 2017 at 09:12:20PM +, Osama Al-Hassani wrote:
> When verifying server certificates on outbound connections, it seems we
> are unable verify the IP addresses part of the SANs field. We are able to
> verify IPs in CNs.
Email is sent to addresses of the form ,
where the "domain-p
Hi all,
When verifying server certificates on outbound connections, it seems we are
unable verify the IP addresses part of the SANs field. We are able to verify
IPs in CNs.
What is the reasoning behind this behaviour?
Thank you,
Osama
Osama Al-Hassani
Software Engineer
[Telephone] +44 118
