[Dovecot] Authentication in outlook

Gerard Seibert gerard at seibercom.net
Fri Nov 3 10:00:46 UTC 2006

On Friday November 03, 2006 at 03:49:15 (AM) Amon Ott wrote:

> Unfortunately, Outlook makes trouble with self signed SSL certs: It 
> requires to accept the certificate again after every restart, what is 
> very annoying for the users and makes it hard to recognize forged 
> certs. So you will have the choice to allow password sniffing, annoy 
> your users, buy an official cert - or to get a decent mail client 
> installed.

I would vote for the 'Official Cert' option. Seriously, unless you are
running a home based operation, why would you not be employing a
properly signed certificate. After all, if you are offering SSL on your
mail server, you are going to need a signed certificate or else risk
having problems with other servers that are going to flag your server
form using self signed certificates.

By the way, I think Outlook's alerting users of the use of self signed
certificates is a good idea, although it should also have a mechanism in
place to stop those warnings on a permanent basis. Then again, if they
did, someone would complain about that. You cannot make everyone happy.

Just my 2¢.


More information about the dovecot mailing list