|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Victor Duchovni (Victor.Duchovni
MorganStanley.com)
Date: Tue Jan 15 2008 - 15:02:27 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, Jan 15, 2008 at 02:34:20PM -0500, Dennis Putnam wrote:
>
> On Jan 15, 2008, at 2:23 PM, Victor Duchovni wrote:
>
> >On Tue, Jan 15, 2008 at 01:59:00PM -0500, Dennis Putnam wrote:
> >
> >No, a firewall on *your* exit path to the Internet that is censoring
> >"STARTTLS".
>
> No, I control our firewall and there are no restrictions on outbound
> packets with the except of a few web sites (port 80).
Not packet restrictions, protocol rewriting. For example some PIX firewall
"sanitize" SMTP. All the evidence points to such a firewall at your
premises or immediately outside, so don't discount this quite so fast.
> >In any case, clearly 2.1.5 TLS "MUST" is not really
> >functional. If you want a TLS secure-channel (not just
> >opportunistic TLS),
> >use 2.3.13 or 2.4.6.
>
> Sadly that is not an option. However, even a working opportunistic
> TLS would be satisfactory for now.
In that case, hunt down that firewall, or verify that the receiving
system has not singled out your IP address for denying TLS access.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majordomopostfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]