Re: [Exim] TLS default options

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Philip Hazel
日付:  
To: Matthew Frost
CC: Yann Golanski, exim-users
題目: Re: [Exim] TLS default options
On Tue, 26 Sep 2000, Matthew Frost wrote:

> Perhaps a note in src/EDIT me along with the TLS options that you may
> need to set up a certificate and key.


Good idea.

> However, if you just want to use Exim as a TLS client then you appear
> to just be able to compile it with the SUPPORT_TLS and TLS_LIBS
> options to have it work.


That's true. And that will still be true if tls_advertise_hosts is null,
and that is safer just in case one day it starts being a server. (Or
indeed consider the case of small network with TLS required on outgoing
mail to ISP, but not within the network.)

> Whatever happens, when enabling TLS, there is more to think about than
> just compiling it (client only you disable advertising, client and
> server you may set up your certificate and key).


Indeed. I think I will make the change to the default for
tls_advertise_hosts for the next release to simplify the client only
case.

Therefore, all of you that are testing are advised to put an explicit
setting in your configuration files so that they will continue to work
when you upgrade.

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.