If TLS (not mutual, just plain TLS) is meant to authenticate the receiving SMTP server... RRS feed

  • Question

  • then why do I only see references to my cert in my Send Connector log entries? For example:

    2011-12-13T12:[...],0,,,*,,attempting to connect
    2011-12-13T12:[...],2,,,<,220 mx.google.com ESMTP fv10si6440569qab.28,
    2011-12-13T12:[...],3,,,>,EHLO smtp.nwt.com,
    2011-12-13T12:[...],4,,,<,"250-mx.google.com at your service, [1.x.x.x]",
    2011-12-13T12:[...],5,,,<,250-SIZE 35882577,
    2011-12-13T12:[...],8,,,<,250 ENHANCEDSTATUSCODES,
    2011-12-13T12:[...],10,,,<,220 2.0.0 Ready to start TLS,
    2011-12-13T12:[...],11,,,*,,Sending certificate
    2011-12-13T12:[...],12,,,*,"CN=mail.nwt.com, OU=Domain Control Validated,O=mail.nwt.com",Certificate subject

    Note: I have changed my real internal IP to

    Note: nwt.com replaces my real domain name.

    Note: if you think 1.x.x.x replaces my real external IP, you are correct.

    Note: [...] replaces part of the Send Connector data, simply for readabilty.


    But is my first assumption correct: is TLS meant to authenticate the receiving server (in this case Google-Gmail) and if so, why is my mail server sending its cert information?

    Tuesday, December 13, 2011 6:17 PM


All replies