Sujet : Re: Trusted CA config (was: Re: adding CA certificates (for use by sendmail))
De : INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please) (at) *nospam* esmtp.org (Claus Aßmann)
Groupes : comp.mail.sendmailDate : 10. Jan 2025, 18:09:59
Autres entêtes
Organisation : MGT Consulting
Message-ID : <vlrk97$j5j$1@news.misty.com>
References : 1 2 3 4
User-Agent : trn 4.0-test77 (Sep 1, 2010)
Bjørn Mork wrote:
But how are we supposed to configure a sendmail server then? MTA-STS
means that the trusted CA list must include every public CA. Using the
...
can get a trusted client certificate, then "AUTH EXTERNAL" is pretty
much an open relay. What am I missing?
MTA-STS has probably been "designed" by people who use http(s) for
everything - without considering the implications. And just like
SPF it breaks existing e-mail practices....
adding CA certificates (for use by sendmail)
Re: Trusted CA config