[Dovecot] SSL/TLS with Outlook client

Nikolay Shopik shopik at inblock.ru
Wed Nov 14 20:35:22 EET 2007


On 14.11.2007 21:30, Kyle Wheeler wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wednesday, November 14 at 02:18 PM, quoth Steffen Kaiser:
>   
>> On Wed, 14 Nov 2007, Ed W wrote:
>>
>>     
>>> Is TLS always performed BEFORE auth with generally available POP/IMAP 
>>> clients?
>>>       
>> The IMAP spec does not contain an identification of the client application 
>> to the server. There is no "HELO" as in SMTP.
>>     
>
> And HELO in SMTP is entirely unreliable, unverifiable, and on many 
> servers completely skippable.
>
>
>   
RFC says you SHOULD use FQDN for HELO nothing more. But still you can 
add SPF record for your HELO so nobody can foged your server HELO, thats it.


More information about the dovecot mailing list