TLS-certificates and interoperability-issues sendmail / Exchange / postfix ..

TLS-certificates and interoperability-issues sendmail / Exchange / postfix ..

am 01.04.2005 14:59:44 von Peter Juuls

I'm planning using TLS on MS Exchange2003 gateways to achieve encrypted
server-to-server connections across the Internet, not for the mass mail
communication, just for a couple of maildomains.

Q1. TLS server certificates
In my testlab the sending Exchange server receives a server-certificate and
immidiately starts encrypting the session. No checks or verifications of the
certificate against CA's are made. If this is normal behavour for the
sending server, regardless of brand (sendmail / postfix / etc. ), I plan to
use self-signed-certificates and save money buying certificates.
What's best practice on chosing SSL/TLS-certificates ? Will
self-signed-certificates do ?

Q2. TLS-interoperability issues Exchange / sendmail / Postfix / other
smtp-mailers.
Postings in these newsgroups indicate that in some configurations Exchange
and sendmail did not always communicate smoothly.
What interoperability issues should I be prepared for nowadays ?

Thanks for your input
Best regards
Peter