What to use for SMTP with SSL support

Martin Kokes martin.kokes at gplus.cz
Fri Jan 18 11:15:57 CET 2002


"hanc" <hanc.pavel at atlas.cz> wrote in message
news:a26k40$ei7$1 at ns.felk.cvut.cz...
> I was trying to find some information about SMTP and SSL. I could more or
> less get POP3 and IMAP working, but SMTP somehow isn't working for me (more
> likely I just don't know how).

I think Sam Varshavchik takes particular care over this:

http://www.courier-mta.org/intro.html :

STARTTLS ESMTP extension (as well as IMAP/POP3/Webmail over SSL) in both the
client and the server (requires OpenSSL). The ESMTP client can optionally
require that the remote server's X.509 certificate is signed by a trusted
root CA (a default set of root CAs is provided).

Experimental TLS/SSL enhancements which are designed to implement a secure
mail delivery channel between trusted domains, over an untrusted network.
This is implemented by requiring mail to select domains use TLS/SSL
connections which require the remote server to present an X.509 certificate
signed by a private (not a public) certificate authority. This is pretty
much the highest level of security that can be achieved with today's
technologies. This doesn't even require DNSsec. Even if the DNS cache is
poisoned with MX records that divert mail to a rogue relay, the attacker
will not have an X.509 certificate signed by a private CA (this assumes, of
course, that the security of the private CA hasn't been breached). This work
is mostly complete, but still needs a little testing.

MK
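
Added example, not part of the original post and not Courier's own code: a Python illustration of the policy the quoted Courier text describes, where mail to selected domains is only handed over after STARTTLS to a server whose certificate chains to a private CA. The domain name, the CA file argument and the function names are assumptions made for the example.

```python
import smtplib
import ssl

# Assumption: domains for which delivery must use TLS verified by our private CA.
SECURE_DOMAINS = {"partner.example"}


def tls_context_for(domain, private_ca_pem=None):
    """Return the SSLContext required for `domain`, or None if no policy applies."""
    if domain.lower() not in SECURE_DOMAINS:
        return None
    # PROTOCOL_TLS_CLIENT enables CERT_REQUIRED and hostname checking.
    # A bare SSLContext trusts no CA at all: the public roots are never
    # loaded, so only the private CA added below can validate a peer.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if private_ca_pem:
        ctx.load_verify_locations(cafile=private_ca_pem)
    return ctx


def deliver(mx_host, domain, sender, rcpt, message, private_ca_pem):
    """Send one message to mx_host, enforcing the private-CA policy for domain."""
    ctx = tls_context_for(domain, private_ca_pem)
    with smtplib.SMTP(mx_host, 25, timeout=30) as smtp:
        smtp.ehlo()
        if ctx is not None:
            # Fail closed: a relay that does not offer STARTTLS gets no mail.
            if not smtp.has_extn("starttls"):
                raise RuntimeError("no STARTTLS offered for secure domain " + domain)
            # A relay reached through a poisoned MX record cannot present a
            # certificate signed by the private CA, so the handshake raises
            # ssl.SSLCertVerificationError before any message data is sent.
            smtp.starttls(context=ctx)
            smtp.ehlo()
        smtp.sendmail(sender, [rcpt], message)
```

Without a CA file the context for a secure domain trusts nothing, so every handshake fails rather than falling back to the public roots.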


