Re: [exim] verifying certificate information

Author: Martin A. Brooks
Date:  
To: Martin A. Brooks, Exim Users
Subject: Re: [exim] verifying certificate information
Phil Pennock wrote:
> If stuck with an older openssl which doesn't wait for the SMTP
> connection banner when using -starttls, and if you have Perl with
> Net::SSLeay available, then:
>
> http://people.spodhuis.org/phil.pennock/software/smtp_tls_cert.pl


Perfect, that does exactly what I need. Thank you. The certificate shown
is the correct one.

It does leave me with another question though. I have one machine that
uses a self-generated certificate and in the log file of remote servers,
I see entries like this when it sends email:

2008-06-15 10:41:16 1K7ojY-0000Ac-B1 => martin@???
R=hubbed_hosts_postgres T=remote_smtp H=fish.clues.ltd.uk [80.68.93.86]
X=TLS1.0:RSA_AES_256_CBC_SHA1:32 DN="C=GB,ST=London,L=London,O=Clues
Ltd,CN=fish.clues.ltd.uk,EMAIL=hostmaster@???"

Note the certificate information in the DN="" part of the log file.
When I send email via the host that is using a "real" certificate, that
value is blank. In the logging options +tls_peerdn is set in both
machines. Is there another option somewhere I've missed for this?



-- 
Martin A. Brooks |  http://www.antibodymx.net/ | Anti-spam & anti-virus
   Consultant    |  martin@???      | filtering. Inoculate
 antibodymx.net  |  m: +447792493388           | your mail system.
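
Added example (not part of the original message): a Python sketch that parses Exim delivery lines like the one quoted above and lists TLS deliveries logged with no peer DN, the situation described for the host with the "real" certificate. The sample lines, hosts, addresses and message ids are constructed, and it assumes one log entry per line and that a blank DN shows up either as `DN=""` or as a missing `DN=` field.

```python
import re

# Constructed sample mainlog lines (placeholder hosts, addresses and message
# ids), modelled on the delivery line quoted above; one log entry per line.
SAMPLE_LOG = [
    '2008-06-15 10:41:16 1K7ojY-0000Ac-B1 => user@example.org R=hubbed_hosts '
    'T=remote_smtp H=mx1.example.org [192.0.2.10] '
    'X=TLS1.0:RSA_AES_256_CBC_SHA1:32 '
    'DN="C=GB,ST=London,L=London,O=Example Ltd,CN=mx1.example.org"',
    '2008-06-15 10:42:01 1K7ojZ-0000Ad-C2 => user@example.net R=hubbed_hosts '
    'T=remote_smtp H=mx2.example.net [192.0.2.20] '
    'X=TLS1.0:RSA_AES_256_CBC_SHA1:32 DN=""',
    '2008-06-15 10:43:30 1K7oja-0000Ae-D3 => user@example.com R=hubbed_hosts '
    'T=remote_smtp H=mx3.example.com [192.0.2.30] '
    'X=TLS1.0:RSA_AES_256_CBC_SHA1:32',
    '2008-06-15 10:44:02 1K7ojb-0000Af-E4 => user@example.org R=hubbed_hosts '
    'T=remote_smtp H=mx1.example.org [192.0.2.10]',
    '2008-06-15 10:44:05 1K7ojb-0000Af-E4 Completed',
]

DELIVERY = re.compile(
    r'^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d (?P<id>\S+) (?:=>|->) \S+(?P<rest>.*)$')
# KEY=value or KEY="quoted value"; a quoted DN is consumed whole, so the
# C=, ST=, CN= parts inside it are not mistaken for log fields.
FIELD = re.compile(r'(?<!\S)([A-Z]+)=("(?:[^"\\]|\\.)*"|\S*)')

def parse_delivery(line):
    """Return id, host, cipher and peer DN for a delivery line, else None."""
    m = DELIVERY.match(line)
    if m is None:
        return None
    fields = {}
    for key, value in FIELD.findall(m.group("rest")):
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]  # strip the surrounding quotes
        fields[key] = value
    return {"id": m.group("id"), "host": fields.get("H", ""),
            "cipher": fields.get("X", ""), "peer_dn": fields.get("DN", "")}

def tls_without_peerdn(lines):
    """(message id, host) for deliveries that used TLS but logged no peer DN."""
    parsed = (parse_delivery(line) for line in lines)
    return [(d["id"], d["host"]) for d in parsed
            if d and d["cipher"] and not d["peer_dn"]]

if __name__ == "__main__":
    for msg_id, host in tls_without_peerdn(SAMPLE_LOG):
        print(f"{msg_id} {host}: TLS delivery with no peer DN logged")
```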