CAcert System Admins discussion list

[Wytze van der Raay <wytze AT cacert.org>]

Hi Philipp,

Op 9-7-2010 13:08, Philipp Guehring schreef:
> I took a look at this problem, and discovered that both IPv4 and IPv6 
> reverse
> lookups point to www.cacert.org,
> but the myhostname in /etc/postfix/main.cf is configured to hlin.cacert.org
> Since all 3 should match, I would suggest that we change the myhostname of
> Postfix to www.cacert.org.

While delivery or non-delivery of e-mail should not depend on the contents
(or existence) of IP reverse lookup records IMHO, I completely agree that
it  makes sense to change the mail hostname to www.cacert.org. But that
will involve a bit more than just a name change, there is also an X.509
cert configured to provide SSL/TLS support for e-mail, currently set up
for the name hlin.cacert.org.
I'm wondering whether we can use the same certificate as used by the Apache
web server for this?
Also: do we really need to preserve the "hlin" hostname? It seems to be
there for historic reasons only, or are there more compelling reasons for it?

Regards,
-- wytze

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature