Can SASL be used to secure mail connection between 2 different domains
or is it being used only to secure email communication between all
users of one domain who are local or mobile ?
On Jan 30, 2:27 pm, krn <rashmeepa...@gmail.com> wrote:
> On Jan 23, 8:05 pm, Claus Aßmann <ca+sendmail(-no-copies-
> please)@mine.informatik.uni-kiel.de> wrote:
> > krn wrote:
> > > I need to set up TLS between mail servers of a.com and b.com domain.
> > > b.com is the client.
> > > These are the directives that I will be adding in access.map file:
> > > TLS_Srv:b.com ENCR:112
> > > TLS_Clt:b.com ENCR:112
> > > TLS_Rcpt:b.com ENCR:112
> > > Can I set the ENCR bits to 256 or more for stronger encryption?
> > 256. Check your logs and the output of
> > openssl ciphers -v
> > > Can I set the cipher that I want from the list that openssl supports
> > > instead of what server and client negotiate during TLS session
> > > negotiation?
> > Why? Isn't a cipher with 256 keylength for the symmetric encryption
> > strong enought?
> > BTW: see the source code, look for _FFR_TLS_1 and CipherList.
> > Anyway, you have to use VERIFY instead of ENCR if you actually
> > want to make sure your mail isn't read by someone else; see
> > the docs about the difference between the two.
> Thanks for the reply.
> I searched for _FFR_TLS_1 and Cipher and did not find it in the source
> code which means the sendmail running does not support _FFR_TLS_1
> I did openssl ciphers -v and found many ciphers with max cipher
> strength of 256.- Hide quoted text -
> - Show quoted text -