vrubiella:
> Hello!,
>
> I'm can't see references about SNI in 3.4 release notes, this feature has
> been discarded for next release or is WIP?
It's in progress. We don't announce things until they exist.
Wietse
Hello!,
I'm can't see references about SNI in 3.4 release notes, this feature has
been discarded for next release or is WIP?
Thks!
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
> On Feb 22, 2018, at 2:20 PM, MK wrote:
>
> Hi Viktor,
>
> Is this on the roadmap for 3.4 or for a long-term roadmap?
I'd like to have working SNI in 3.4, with early snapshots around May.
However, this is a goal not a contract.
--
Viktor.
Hi Viktor,
Is this on the roadmap for 3.4 or for a long-term roadmap?Just curious.Thanks
for all the amazing work on Postfix.
-M
From: Viktor Dukhovni
To: Postfix users
Sent: Thursday, January 25, 2018 10:23 PM
Subject: Re: SMTP SNI Support
> On Jan 25, 2018, at 10:06 PM,
On 25 Jan 2018, at 21:30 (-0500), MK wrote:
Hosting provider has machine1.hostingdomain.com
machine2.hostingdomain.com and machine3.hostingdomain.com. One of
their customers customerdomain.com comes on board with DNS changes and
adds their mailboxes. Their employees don’t want to see
Hostingd
> On Jan 25, 2018, at 10:06 PM, MK wrote:
>
> OpenSSL implementations (OpenSSL 0.9.8 mainly which is used in Debian 8
> and others of that era of a few years ago) can't handle a server with SNI
> certificates and fails to connect.
This is not an accurate description of the problem. The real p
OpenSSL implementations (OpenSSL 0.9.8 mainly which is used in Debian 8 and
others of that era of a few years ago) can't handle a server with SNI
certificates and fails to connect. This is older --client-- openssl versions
which we saw remote machines on the internet connecting as.
Incorrect op
> On Jan 25, 2018, at 9:30 PM, MK wrote:
>
> I’d request considering allowing the SNI to be enabled per port.
Each port gets its own entry in master.cf, so you will certainly
be able to enable or disable SNI support for a given TCP endpoint.
> While using it in production we found a very smal
Amazing! Thanks!
I’d request considering allowing the SNI to be enabled per port. While using it
in production we found a very small number (<1%) of mail servers sending to our
server didn’t like SNI- likely ancient mail servers. That said, we didn’t find
any clients (outlook, phones, etc) tha
> On Jan 25, 2018, at 5:52 PM, Bill Cole
> wrote:
>
>> I found this discussion circa 2015 (
>> http://postfix.1071664.n5.nabble.com/postfix-and-multiple-TLS-certificates-td80968.html
>> ) which references the request, but it doesn't seem to have come into
>> fruition.
>
> That thread also
On 25 Jan 2018, at 16:17 (-0500), MK wrote:
There were some discussions in 2015 and more recently about SNI
support.
For IMAP/POP, dovecot (which allows SNI support) has a configuration
like this in our setup:
local_name imap.example.org { ssl_cert =
{ ssl_cert =
Moving from a perl-based
11 matches
Mail list logo
