Re: per domain TLS

2010-09-02 Thread Victor Duchovni
On Thu, Sep 02, 2010 at 01:30:24PM -0500, Vernon A. Fort wrote: > > The choice between "fingerprint" and "secure" depends on whether the > > remote cert is self-signed and stable, or signed public CA and changes > > each time it expires. > > > > OK - so I get them to send me their cert file - th

Re: per domain TLS

2010-09-02 Thread Vernon A. Fort
On Thu, 2010-09-02 at 13:47 -0400, Victor Duchovni wrote: > On Thu, Sep 02, 2010 at 12:41:47PM -0500, Vernon A. Fort wrote: > > > Concerning outbound email to a specific domain that I need encrypted, I > > use smtp_tls_policy_maps. I would like some level of verification that > > the remote serve

Re: per domain TLS

2010-09-02 Thread Victor Duchovni
On Thu, Sep 02, 2010 at 12:41:47PM -0500, Vernon A. Fort wrote: > Concerning outbound email to a specific domain that I need encrypted, I > use smtp_tls_policy_maps. I would like some level of verification that > the remote server IS the server I think it is. I see the > smtp_tls_security_level

Re: per domain TLS

2010-09-02 Thread Vernon A. Fort
On Tue, 2010-08-24 at 11:43 -0500, Vernon A. Fort wrote: > On Tue, 2010-08-24 at 10:29 -0500, Noel Jones wrote: > > On 8/24/2010 10:24 AM, Vernon A. Fort wrote: > > > We have a few companies that we need to have ALL email traffic encrypted. > > > We can no longer 'blindly trust' the end user to not in

Re: per domain TLS

2010-08-24 Thread Victor Duchovni
On Tue, Aug 24, 2010 at 11:37:26AM -0500, Vernon A. Fort wrote: > > > # force_tls > > > 5.4.3.2/32 reject_plaintext_session > > > > See however, > > > > http://www.postfix.org/TLS_README.html#client_tls_limits > > > > the responsibility to encrypt falls largely on the sender. I would > > e

Re: per domain TLS

2010-08-24 Thread Vernon A. Fort
On Tue, 2010-08-24 at 10:29 -0500, Noel Jones wrote: > On 8/24/2010 10:24 AM, Vernon A. Fort wrote: > > We have a few companies that we need to have ALL email traffic encrypted. > > We can no longer 'blindly trust' the end user to not include sensitive > > information in email. A VPN would be an easie

Re: per domain TLS

2010-08-24 Thread Vernon A. Fort
On Tue, 2010-08-24 at 11:42 -0400, Victor Duchovni wrote: > On Tue, Aug 24, 2010 at 10:29:43AM -0500, Noel Jones wrote: > > > On 8/24/2010 10:24 AM, Vernon A. Fort wrote: > >> We have a few companies that we need to have ALL email traffic encrypted. > >> We can no longer 'blindly trust' the end user

Re: per domain TLS

2010-08-24 Thread Victor Duchovni
On Tue, Aug 24, 2010 at 10:29:43AM -0500, Noel Jones wrote: > On 8/24/2010 10:24 AM, Vernon A. Fort wrote: >> We have a few companies that we need to have ALL email traffic encrypted. >> We can no longer 'blindly trust' the end user to not include sensitive >> information in email. A VPN would be a

Re: per domain TLS

2010-08-24 Thread Noel Jones
On 8/24/2010 10:24 AM, Vernon A. Fort wrote: We have a few companies that we need to have ALL email traffic encrypted. We can no longer 'blindly trust' the end user to not include sensitive information in email. A VPN would be an easier solution but it's not an option at this point. So, the outbound

per domain TLS

2010-08-24 Thread Vernon A. Fort
We have a few companies that we need to have ALL email traffic encrypted. We can no longer 'blindly trust' the end user to not include sensitive information in email. A VPN would be an easier solution but it's not an option at this point. So, the outbound appears to be simple: smtp_tls_policy