At some point in the distant past I’ve set up my own email server, running Sendmail for SMTP and the UWO imapd server for IMAP. Part of the setup process is creating certificates – so that you can have a secure tunnel for free, using self-signed certs.

Like a good boy I followed the instructions to the letter. Now I’m presented with a message box in Thuderbird saying “your certificate expired”. Eh? Why? Oh, I know – it’s because you’re supposed to have an expiry date on your own generated certs, because bla proper bla security bla I know better bla. I never got the bla bla part, never had any use for it. And now I ran into the problem I knew I would run into eventually.

Security, expiry? Did these guys think? I’ll tell you something – I can still get to my email using Thunderbird. It just puts up an annoying warning and makes me click continue every time. What sort of security is this expiration providing? If anything, security is worse now.

I must have created this setup a long time ago (likely 5 years) – because today I would never do something I believe is stupid just because someone “who knows better” said so. Oh I’m glad I made that decision.