Home of the ColdFusion Community
|
Mailing Lists
|
Home /
Groups /
ColdFusion Talk (CF-Talk)
cfmail to Exchange using TLS
Author: David Phelan
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:63940#351315
I am developing a solution for my company to be able to send email from our
CF 8 application using TLS for security reasons and have a couple things
that I would like to get clarified.
I looked at the headers of the emails sent by my solution and I noticed
that the transfer encoding was only 7 bit. The certificate that we are
using on the development box is self signed so I am hoping that is the
reason for the low encoding level, but I'm not sure. What I would like to
clarify is the following:
1. Is the self signed certificate the reason for the encoding level?
2. Will a genuine certificate from a reputable source improve the
encoding level?
3. Do I need to install a certificate somewhere in ColdFusion?
4. Is this a limitation of the CF 8 cfmail tag?
5. Is this something that needs to be addressed on the Exchange server?
6. Am I off the mark on this completely?
I have no experience sending secured email from CF so any help or advice
would be appreciated.
TIA
--
David Phelan
ColdFusion/Flex Application Developer
phelan.davidj@gmail.com
Author: Russ Michaels
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:63940#351316
The encryption level is determined by the cert. You can generate any type
of cert yourself and it will do the same job but it will not be trusted in
a browser is not provided by a known ca. The encryption is done by the
cert on the mailserver so nothing to install on cf side.
Why type of cert did you generate?
On May 23, 2012 6:41 PM, "David Phelan" <phelan.davidj@gmail.com> wrote:
----- Excess quoted text cut - see Original Post for more -----
Author: Dave Watts
Short Link: http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:63940#351317
----- Excess quoted text cut - see Original Post for more -----
I think the answer to (6) is "yes". The certificate should have
nothing to do with the actual content of the email, and is just used
to establish an encrypted connection.
That said, if you're looking at the headers sent before the encrypted
connection is established, you might not see anything beyond the
standard 7-bit transfer encoding that SMTP supports. ESMTP and 8-bit
MIME are required for more complex transfer encodings. I suspect you
don't really get to see that information before the encrypted
connection is established.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/
Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
GSA Schedule, and provides the highest caliber vendor-authorized
instruction at our training centers, online, o
|
May 19, 2013
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
