mox/autotls
Mechiel Lukkien 62bd2f4427
for incoming smtp deliveries with starttls, use cert of hostname if sni hostname is unknown
instead of failing the connection because no certificates are available.

this may improve interoperability. perhaps the remote smtp client that's doing
the delivery will decide they do like the tls cert for our (mx) hostname after
all.

this only applies to incoming smtp deliveries. for other tls connections
(https, imaps/submissions and imap/submission with starttls) we still cause
connections for unknown sni hostnames to fail. if case no sni was present, we
were already falling back to a cert for the (listener/mx) hostname, that
behaviour hasn't changed.

for issue #206 by RobSlgm
2024-08-23 11:04:21 +02:00
..
autotls.go for incoming smtp deliveries with starttls, use cert of hostname if sni hostname is unknown 2024-08-23 11:04:21 +02:00
autotls_test.go implement ACME external account binding (EAB) 2023-12-22 11:50:50 +01:00