Re: [vps-mail] SSL-secure SMTP on VPS / VPS1 blocked?

["Bennett Lanford" <ben@xxxxxxxxxxxxx>]

On Tue, January 18, 2005 5:11 am, Martin Fischer said:
> Hi,
>
> when we asked Verio about securing E-Mail with SSL on VPS2 VPS1 answer
> was about POP3 only.
> Any idea why no more secure SMTP ?

Sendmail supports STARTTLS on both VPS1 and VPS2, last I checked. You can
verify that it supports STARTTLS by issuing the following command on VPS2:

# sendmail -bt -d0.1 < /dev/null | grep STARTTLS

It should produce output that looks something like this:

  SCANF STARTTLS TCPWRAPPERS USERDB XDEBUG

(On VPS1, insert a "virtual" before the command.)

When a VPS sends outgoing mail to a "next-hop" mail server that *offers*
STARTTLS, the VPS will *always* attempt to negotiate an encrypted
connection and encrypt that phase of the e-mail delivery. (However,
because of the nature of the SMTP protocol, on the Internet at large there
is no guarantee that e-mail encrypted for one phase of its delivery will
be encrypted at every step of its journey.)

I found a pretty good (though complex) tutorial of how to configure your
sendmail to offer STARTTLS at: http://www.technoids.org/starttlstut.html

The last time I checked, support by e-mail clients for STARTTLS is still
pretty uneven. If all your customers use the same e-mail client--and if
their support for TLS (SSL) is consistent--you can safely configure
sendmail to offer STARTTLS.

Good luck!

-- 
Bennett Lanford <ben@xxxxxxxxxxxxx>

There are 10 kinds of people: those that understand binary and those that
don't.
======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
Before posting a question, please search the archives (see above URL).