* Create help for explaining how encrypted password file support

     works.

   * When a message is sent encrypted, add the sender certificate so that
     the sender can decrypt it too.

   * When a message is signed and encrypted, first sign it and then encrypt
     it. This changes the usual order of encrypting and then signing, and it has
     the shortcoming of making bigger messages. However, this is the way that
     most clients work with S/MIME, and so for compatibility with other programs,
     we will send signed, then encrypted, instead of encrypted, then signed.
     Hmm... should we sign the encrypted part?

   * Avoid the first RSET smtp command, as this causes delays in some evily
     managed servers.

1 files changed, 3 insertions, 2 deletions

diff --git a/imap/src/c-client/smtp.c b/imap/src/c-client/smtp.c
index 47c7e5a6..1c72670c 100644
--- a/imap/src/c-client/smtp.c
+++ b/imap/src/c-client/smtp.c
@@ -437,10 +437,11 @@ long smtp_mail (SENDSTREAM *stream,char *type,ENVELOPE *env,BODY *body)
          (stream->netstream->dtb ==
       (NETDRIVER *) mail_parameters (NIL,GET_SSLDRIVER,NIL)) ?
          "/ssl" : "");
-  do {				/* make sure stream is in good shape */
-    smtp_send (stream,"RSET",NIL);
+  do {
     if (retry) {		/* need to retry with authentication? */
       NETMBX mb;
+				/* make sure stream is in good shape */
+      smtp_send (stream,"RSET",NIL);
 				/* yes, build remote name for authentication */
       mail_valid_net_parse (smtpserver,&mb);
       if (!smtp_auth (stream,&mb,smtpserver)) return NIL;