[Dovecot] SSL/TLS with Outlook client
Nikolay Shopik
shopik at inblock.ru
Tue Nov 13 21:37:22 EET 2007
On 13.11.2007 22:32, Ed W wrote:
> Nikolay Shopik wrote:
>> On 13.11.2007 4:22, Jonathan Bond-Caron wrote:
>>> Anyone have any solution to this?
>>>
>>>
>>>
>>> I also getting a "The target principal name is incorrect." in
>>> Outlook 2007
>>>
>>>
>>>
>>> Is this a problem with dovecot?
>>>
>>>
>>>
>> That's probably because you CN doesn't match your server in
>> certificate. Do you using self-signed certificated?
>
>
> Is there any way around this if you have an IP and lots of A records
> pointing at it?
>
> As I understand it mail clients are going to winge if you use any name
> other than the one which is in the certificate? My simple research
> suggests that they don't do a lookup, then a reverse lookup and
> compare that?
>
> It's a problem with vhosted domains... Any suggestions?
>
> Ed W
Usually it works like this. You are configure your mail client to
address like this mail.example.com, when mail client establish
connection to server and receive certificate it compare CN with current
configuration in it. So if you configure connect to mx.example.com but
server receive certificate with CN=mail.example.com it should warn you.
It doesn't do any PTR lookups.
More information about the dovecot
mailing list