[Dovecot] Authentication in outlook
Gerard Seibert
gerard at seibercom.net
Fri Nov 3 10:00:46 UTC 2006
On Friday November 03, 2006 at 03:49:15 (AM) Amon Ott wrote:
> Unfortunately, Outlook makes trouble with self signed SSL certs: It
> requires to accept the certificate again after every restart, what is
> very annoying for the users and makes it hard to recognize forged
> certs. So you will have the choice to allow password sniffing, annoy
> your users, buy an official cert - or to get a decent mail client
> installed.
I would vote for the 'Official Cert' option. Seriously, unless you are
running a home based operation, why would you not be employing a
properly signed certificate. After all, if you are offering SSL on your
mail server, you are going to need a signed certificate or else risk
having problems with other servers that are going to flag your server
form using self signed certificates.
By the way, I think Outlook's alerting users of the use of self signed
certificates is a good idea, although it should also have a mechanism in
place to stop those warnings on a permanent basis. Then again, if they
did, someone would complain about that. You cannot make everyone happy.
Just my 2¢.
--
Gerard
More information about the dovecot
mailing list