The following table describes rule sets that determine whether an SMTP connection that uses TLS should be accepted, continued, or refused.
Table 14–15 Rule Sets for Running SMTP With TLS

| Rule Set | Description |
|---|---|
| tls_server | Acting as a client, sendmail uses this rule set to determine whether the server is currently supported by TLS. |
| tls_client | Acting as a server, sendmail uses this rule set to determine whether the client is currently supported by TLS. |
| tls_rcpt | This rule set requires verification of the recipient's MTA. This recipient restriction makes attacks such as DNS spoofing impossible. |
| TLS_connection | This rule set checks the requirement that is specified by the RHS of the access map against the actual parameters of the current TLS connection. |
| try_tls | sendmail uses this rule set to determine the feasibility of using STARTTLS when connecting to another MTA. If the MTA cannot properly implement STARTTLS, then STARTTLS is not used. |

For more information, see http://www.sendmail.org/m4/starttls.html.
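
The comparison that the TLS_connection row describes can be modeled as follows. This is an added example, not sendmail's own code (sendmail implements the check in its rule-set language); it is a simplified model that assumes the `VERIFY`, `VERIFY:bits` and `ENCR:bits` RHS forms with an optional `TEMP+` or `PERM+` prefix, and the host names, access entries and connection parameters are constructed.

```python
import re

# RHS forms used in sendmail access-map TLS entries:
#   VERIFY       peer certificate must have verified (${verify} is OK)
#   VERIFY:bits  verified, and ${cipher_bits} >= bits
#   ENCR:bits    ${cipher_bits} >= bits, verification not required
# An optional TEMP+ or PERM+ prefix selects a temporary or permanent error.
RHS_RE = re.compile(r"^(?:(TEMP|PERM)\+)?(VERIFY|ENCR)(?::(\d+))?$")

def check_tls_requirement(rhs, verify, cipher_bits):
    """Model of the TLS_connection check. Returns (accepted, reason).

    `verify` stands for ${verify}, `cipher_bits` for ${cipher_bits}.
    """
    m = RHS_RE.match(rhs.strip())
    if not m:
        raise ValueError(f"unsupported RHS: {rhs!r}")
    # sendmail defaults to a temporary error unless TLS_PERM_ERR is set.
    severity, kind, bits = m.group(1) or "TEMP", m.group(2), m.group(3)
    if kind == "ENCR" and bits is None:
        raise ValueError("ENCR requires a key length")
    if kind == "VERIFY" and verify != "OK":
        return False, f"{severity}: verification required, ${{verify}}={verify}"
    if bits is not None and cipher_bits < int(bits):
        return False, f"{severity}: need {bits} bits, have {cipher_bits}"
    return True, "ok"

# Constructed access-map entries (tag:key -> RHS); hosts are placeholders.
ACCESS = {
    "TLS_Srv:mx.example.net": "VERIFY:112",
    "TLS_Clt:relay.example.org": "PERM+ENCR:128",
}
# Constructed connection parameters: (access key, ${verify}, ${cipher_bits}).
CONNECTIONS = [
    ("TLS_Srv:mx.example.net", "OK", 256),      # verified, strong cipher
    ("TLS_Srv:mx.example.net", "FAIL", 256),    # encrypted but not verified
    ("TLS_Clt:relay.example.org", "NO", 256),   # no certificate, ENCR still met
    ("TLS_Clt:relay.example.org", "NONE", 0),   # STARTTLS was not performed
]

def evaluate_all():
    """Check every constructed connection against its access-map entry."""
    return [(key, *check_tls_requirement(ACCESS[key], v, b))
            for key, v, b in CONNECTIONS]

if __name__ == "__main__":
    for row in evaluate_all():
        print(row)
```

The second and third rows show the practical difference between the two requirement types: an encrypted session with an unverified certificate fails `VERIFY` but satisfies `ENCR`.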