[ngw] GWIA - SMTP & TLS Certificate Verification

Laura Buckley Laura at laurabuckley.co.za
Thu Nov 1 12:24:53 UTC 2018


Hi,

I recommend putting in an enhancement request for this:
https://ideas.microfocus.com/MFI/mf-smg

Cheers,


Laura

Lifelong Learner

www.laurabuckley.co.za



On Thu, Nov 1, 2018 at 12:58 PM Brad Rodgers <BRodgers at cesa7.org> wrote:

> IF MF had anything that could do TLS certificate verification, it would
> be in their Secure Messaging Gateway product (aka GWAVA 7).  Based on
> how MF handled DKIM implementation in GroupWise, my guess is going
> forward all email security is going to be built into SMG with MF wanting
> you to put GWIA behind SMG.
>
> -Brad
>
> Brad Rodgers
> Director of Administrative Technology
> 920.617.5648
> brodgers at cesa7.org
>
>
>
>
>
>
> This e-mail message together with any attachments or reply should not be
> considered private or confidential because it may be archived and
> subject to public disclosure under certain circumstances, such as
> requests made pursuant to Wisconsin public records law.
>
> The message is intended solely for the use of the individual or entity
> to which they are addressed. Please notify the sender immediately by
> e-mail if you have received this e-mail by mistake and delete this
> e-mail from your system. Please note that the views or opinions
> presented in this e-mail are solely those of the author and do not
> necessarily represent those of Cooperative Educational Service Agency
> #7. Any unauthorized use, distribution, copying or disclosure by you or
> to any other person is prohibited.
>
> >>> Danita Zanre <dzanre.ngwlist at gmail.com> 11/1/2018 3:47 AM >>>
> Hi Marvin,
>
>
> I’m pretty sure that GW cannot do this. Unless MF has a better
> workaround, I’d punt and use a Postfix front-end, which can require
> certificate verification, at least from their doc statements.
>
> Thanks,
>
>          -Danita
>
> ----------------------------------
> Danita Zanrè Tel: (720)319-8240 -   Move Out of the Office
> Tel: (720)319-7530 -   Caledonia
>
> ----------------------------------
>
>
> On Nov 1, 2018 at 07:47:55 GMT+1, Marvin Huffaker
> <mhuffaker at redjuju.com> wrote:
>
> > I have a customer with a GroupWise system..   Raytheon is one of
> their customers.
> >
> > Raytheon is beginning to enforce a new SMTP TLS policy for anybody
> that communicates with them regularly (Yet it appears it's on a per
> domain basis, so spammers and such wouldn't fall under this same
> policy)..
> >
> > Based on their requirement, just having a valid trusted 3rd party
> certificate isn't enough. They want the GroupWise server to be able to
> verify the certificate as well.  To my knowledge, GroupWise does not now
> or has it ever had this capability. It just uses whatever certificate is
> presented without verification, which is why it works fine with self
> signed certs.    And furthermore, I've never in my career seen an email
> server that requires certificate verification befor.
> >
> > So how could I accomplish this?   This is what they want:
> >
> > "The Raytheon servers have been configured for TLS with certificate
> verification with the xxxxxxxxxxxx
> > ( http://presidiocomponents.com/)  domain.  Once the xxxxxxxxxxxx
> sending servers for this domain have been configured to require TLS with
> certificate verification with the Raytheon domains, TLS will be fully
> setup.
>
> > Raytheon domains:
> > raytheon.com
> > raytheon.co.uk
> > raytheon.com.au
> > thalesraytheon-us.com
> > bbn.com
> > solipsys.com
> > sigovs.com
> > pikewerks.com
> > rps-emea.com
> > raytheon-ssd.com
> > teligy.com
> > raytheoncyber.com
> > _______________________________________________
> > ngw mailing list
> > ngw at ngwlist.com
> > http://ngwlist.com/mailman/listinfo/ngw
>
>
> _______________________________________________
> ngw mailing list
> ngw at ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
>
>
> _______________________________________________
> ngw mailing list
> ngw at ngwlist.com
> http://ngwlist.com/mailman/listinfo/ngw
>


More information about the ngw mailing list