locked
If TLS (not mutual, just plain TLS) is meant to authenticate the receiving SMTP server... RRS feed

  • Question

  • then why do I only see references to my cert in my Send Connector log entries? For example:

    2011-12-13T12:[...],0,,74.125.93.27:25,*,,attempting to connect
    2011-12-13T12:[...],1,10.10.10.10:33511,74.125.93.27:25,+,,
    2011-12-13T12:[...],2,10.10.10.10:33511,74.125.93.27:25,<,220 mx.google.com ESMTP fv10si6440569qab.28,
    2011-12-13T12:[...],3,10.10.10.10:33511,74.125.93.27:25,>,EHLO smtp.nwt.com,
    2011-12-13T12:[...],4,10.10.10.10:33511,74.125.93.27:25,<,"250-mx.google.com at your service, [1.x.x.x]",
    2011-12-13T12:[...],5,10.10.10.10:33511,74.125.93.27:25,<,250-SIZE 35882577,
    2011-12-13T12:[...],6,10.10.10.10:33511,74.125.93.27:25,<,250-8BITMIME,
    2011-12-13T12:[...],7,10.10.10.10:33511,74.125.93.27:25,<,250-STARTTLS,
    2011-12-13T12:[...],8,10.10.10.10:33511,74.125.93.27:25,<,250 ENHANCEDSTATUSCODES,
    2011-12-13T12:[...],9,10.10.10.10:33511,74.125.93.27:25,>,STARTTLS,
    2011-12-13T12:[...],10,10.10.10.10:33511,74.125.93.27:25,<,220 2.0.0 Ready to start TLS,
    2011-12-13T12:[...],11,10.10.10.10:33511,74.125.93.27:25,*,,Sending certificate
    2011-12-13T12:[...],12,10.10.10.10:33511,74.125.93.27:25,*,"CN=mail.nwt.com, OU=Domain Control Validated,O=mail.nwt.com",Certificate subject

    Note: I have changed my real internal IP to 10.10.10.10.

    Note: nwt.com replaces my real domain name.

    Note: if you think 1.x.x.x replaces my real external IP, you are correct.

    Note: [...] replaces part of the Send Connector data, simply for readabilty.

    ----

    But is my first assumption correct: is TLS meant to authenticate the receiving server (in this case Google-Gmail) and if so, why is my mail server sending its cert information?


    Tuesday, December 13, 2011 6:17 PM

Answers

All replies