TLS session to pass this value as the Server Name Indication extension to
the remote side, which can be used by the remote side to select an appropriate
certificate and private key for the session.
TLS session to pass this value as the Server Name Indication extension to
the remote side, which can be used by the remote side to select an appropriate
certificate and private key for the session.
only point of caution. The &$tls_out_sni$& variable will be set to this string
for the lifetime of the client connection (including during authentication).
only point of caution. The &$tls_out_sni$& variable will be set to this string
for the lifetime of the client connection (including during authentication).
Except during SMTP client sessions, if &$tls_in_sni$& is set then it is a string
received from a client.
It can be logged with the &%log_selector%& item &`+tls_sni`&.
Except during SMTP client sessions, if &$tls_in_sni$& is set then it is a string
received from a client.
It can be logged with the &%log_selector%& item &`+tls_sni`&.
It also allows the server to declare (implicitly) that connections to it should use TLS. An MITM could simply
fail to pass on a server's STARTTLS.
It also allows the server to declare (implicitly) that connections to it should use TLS. An MITM could simply
fail to pass on a server's STARTTLS.
for every possible target server. It also scales (slightly) better than having to maintain on an SMTP
client a copy of the standard CAs bundle. It also means not having to pay a CA for certificates.
for every possible target server. It also scales (slightly) better than having to maintain on an SMTP
client a copy of the standard CAs bundle. It also means not having to pay a CA for certificates.