Bug#314296: Re: Bug#314296: exim4 NOT verifying server certificate

[Wenzhuo Zhang]

On Sun, Jun 19, 2005 at 01:29:57AM +0200, Marc Haber wrote:
> SMTP AUTH over TLS with actual verification of the server certificate
> is not very common nowadays.

Most MUA programs will verify the server certificate if you ever enable
TLS.

> Where should the package automatically obtain the CA certificate to
> verify the server against? How to handle the case of delivering two

MAIN_TLS_VERIFY_CERTIFICATES.

> different smarthost, one of them having a self-signed certificate?

Since we're talking about the Debian package and its configuration
utility, do we have to worry about complicated scenarios?

Regards,
Wenzhuo