On Wed, May 27, 2015 at 7:11 PM, Andreas Metzler <eximusers@???> wrote:
> Cyborg <cyborg2@???> wrote:
> > Hi guys,
>
> > did anyone ever tried to extend the SMTP protocol to something like this
> ?
>
> > HELO clienthostname
> > 250 OK
> > HOST maildomain.de
> > 250 OK
> > STARTTLS
> > ....
> > and getting the correct certificate for this domain ?
>
> > This way authentication could be done together with encryption, instead
> > of encryption only.
>
> That's what SNI is for, isn't it?
>
Yes, SNI is there so you don't have to do the above.
Cyborg: See also
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html
--
Jan