NOTE: since the EHLO command must be constructed before the connection is
made it cannot depend on the interface IP address that will be used.
+The string "$sending_ip_address" is checked for; if it appears in helo_data
+and "def:sending_ip_address" does not, the facility is disabled.
+
Transport configurations should be checked for this. An example avoidance:
helo_data = ${if def:sending_ip_address \
Issues:
In a resumed session:
- $tls_{in,out}_certificate_verified will be set, and verify = certificate
- will be true, when verify failed but tls_try_verify_hosts allowed the
- connection (under OpenSSL)
$tls_{in,out}_cipher will have values different to the original (under GnuTLS)
$tls_{in,out}_ocsp will be "not requested" or "no response", and
- hosts_require_ocsp will fail
+ hosts_require_ocsp will fail
--------------------------------------------------------------