Results 1 to 3 of 3

Thread: postfix/thunderbird and SSL or TSL?

  1. #1
    Join Date
    Nov 2006
    Beans
    107

    Question postfix/thunderbird and SSL or TSL?

    Hi everyone!

    I set up a certificate for my server, so I can use TLS and SSL for connection purposes.

    I can setup Thunderbird to use TLS, then I get this
    Code:
    Port: 110
    Dec  1 18:29:53 golf764 pop3d: LOGIN, user=<user>@<domain>, ip=[::ffff:xx.21.xx.195], port=[56089]
    Dec  1 18:29:53 golf764 pop3d: LOGOUT, user=<user>@<domain>, ip=[::ffff:xx.21.xx.195], port=[56089], top=0, retr=0, rcvd=12, sent=39, time=0, stls=1

    When I select "SSL" in thunderbird, it switches to:
    Code:
    Port: 995
    Dec  1 18:29:31 golf764 pop3d-ssl: LOGIN, user=<user>@<domain>.de, ip=[::ffff:xx.21.xx.195], port=[48668]
    Dec  1 18:29:31 golf764 pop3d-ssl: LOGOUT, user=<user>@<domain>.de, ip=[::ffff:xx.21.xx.195], port=[48668], top=0, retr=0, rcvd=12, sent=39, time=0

    On one hand, Wikipedia says TLS is more recent than SSL (in fact TLS is SSLv3.1). But on the H (http://www.h-online.com/) and c't magazine I read, Thunderbird mixes things up a little. On the other hand, my log output makes me believe it doesn't.

    Well, does it, then? So put "ssl" or "tls" into my account's settings?

    Thanks for your input in advance.
    Regards,
    Ben
    >> Linux User Group Schaumburg <<
    #lug-schaumburg on Freenode (as bmhm)
    Wer sich auf seinen Lorbeeren ausruht, trägt sie an der falschen Stelle!

  2. #2
    Join Date
    Nov 2009
    Location
    Cork, Ireland
    Beans
    53
    Distro
    Kubuntu 9.10 Karmic Koala

    Re: postfix/thunderbird and SSL or TSL?

    There is an article on mozillaZine.org that should answer your question:
    http://kb.mozillazine.org/Secure_con..._-_Thunderbird

  3. #3
    Join Date
    Nov 2006
    Beans
    107

    Re: postfix/thunderbird and SSL or TSL?

    For those who find this thread: This is a good answer (shortened to the facts):
    • TLS and "TLS, if av" are mislabeld and should be: "STARTTLS" and "STARTTLS if av"
    • They will in fact start an insecure connection and try to upgrade it to something encrypted.
    • For Thunderbird 2.0, it is recommended that if your mail server supports both TLS and SSL you choose SSL since it's just as secure, and it will always either make a secure connection or fail.
    • Its recommended that you use just a secure connection if you have a choice since using two different ciphers to double encrypt data can sometimes make it far less secure.


    I have heard of the last fact before, so don't be confused. It's true.

    Thanks for the link.
    >> Linux User Group Schaumburg <<
    #lug-schaumburg on Freenode (as bmhm)
    Wer sich auf seinen Lorbeeren ausruht, trägt sie an der falschen Stelle!

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •