Hi all, I've just been doing some work on verifying SSL certs presented when delivering mail using STARTTLS. The servers that run this mailing list do a STARTTLS - but seem to present an invalid cert: Jan 31 02:49:24 mail postfix/smtpd[3084]: connect from mail03v-smtp01.fnal.gov[131.225.199.28] Jan 31 02:49:25 mail postfix/smtpd[3084]: setting up TLS connection from mail03v-smtp01.fnal.gov[131.225.199.28] Jan 31 02:49:26 mail postfix/smtpd[3084]: certificate verification failed for mail03v-smtp01.fnal.gov[131.225.199.28]: untrusted issuer /C=US/ST=IL/L=Batavia/O=Fermilab/OU=Research/CN=mail03v-smtp01.fnal.gov Jan 31 02:49:26 mail postfix/smtpd[3084]: mail03v-smtp01.fnal.gov[131.225.199.28]: Untrusted: subject_CN=mail03v-smtp01.fnal.gov, issuer=mail03v-smtp01.fnal.gov, fingerprint=45:43:48:94:B1:C4:F8:AC:00:C2:EC:93:9E:35:05:BF Jan 31 02:49:26 mail postfix/smtpd[3084]: Untrusted TLS connection established from mail03v-smtp01.fnal.gov[131.225.199.28]:TLSv1 with cipher AES128-SHA (128/128 bits) Does anyone know what CA is being used here? None of this really seems as it should to me... -- Steven Haigh Email: [log in to unmask] Web: https://www.crc.id.au Phone: (03) 9001 6090 - 0412 935 897 Fax: (03) 8338 0299