Author: John P Connor
Date:
To: Philip Hazel
CC: exim-users
Subject: Re: [Exim] TLS Issue

Philip Hazel wrote:
> I presume you mean MAIL FROM and not just FROM.
Correct. Typo on my part when transcribing the log. Also, it is Exchange
2000 at the other end, not 5.5.
<snip>
> If this is a TLS issue, my suspicion is that the client is not
> issuing a new EHLO after setting up the TLS session, as it is
> supposed to do. RFC 2487 says "The client SHOULD send an EHLO command
> as the first command after a successful TLS negotiation." OK, it's
> only a SHOULD, but...
>
Yes, I think you're correct. Looking more closely at the Exchange log, we
see:
EHLO erniepdc.ernie.mshome
250 oldfield Hello exc [10.10.10.1]
STARTTLS
220 TLS go ahead
MAIL FROM:<Administrator@???> SIZE=593,
.. and then we get the error I described. So Exim is in SMTP mode but
Exchange is still in ESMTP mode.
> That RFC also says "The server MUST discard any knowledge obtained
> from the client", and that is what Exim is doing.
Trust Microsoft not to follow RFCs. I am no Exchange admin (I avoid Windows
as much as I can), but afaik there is no way to circumvent this behaviour.
If I turn ESMTP off, I don't get the option to use TLS anyway. I wonder if
anyone else has experience with this? Do you think we need a new Exim option
to work round this?
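
Added example, not part of the original message or of Exim: a small transcript checker that tracks what the server may still remember after STARTTLS and flags a client that uses an ESMTP parameter such as SIZE without a fresh EHLO, as in the log quoted above. The "C:"/"S:" line prefixes, the function name and the sender address are assumptions made for this example.

```python
import re

# Constructed transcript modelled on the log quoted above; the "C:"/"S:"
# prefixes and the sender address are assumptions added for this example.
SAMPLE_BAD = """\
C: EHLO erniepdc.ernie.mshome
S: 250 oldfield Hello exc [10.10.10.1]
C: STARTTLS
S: 220 TLS go ahead
C: MAIL FROM:<sender@example.invalid> SIZE=593
"""
# Same session, but the client re-issues EHLO after the TLS handshake.
SAMPLE_GOOD = SAMPLE_BAD.replace(
    "C: MAIL", "C: EHLO erniepdc.ernie.mshome\nS: 250 oldfield Hello\nC: MAIL")

MAIL_RE = re.compile(r"MAIL FROM:\s*<[^>]*>\s*(.*)", re.I)

def check_starttls_reset(transcript):
    """Return (line_no, reason) findings for client commands that rely on
    pre-TLS state the server must have discarded (RFC 2487)."""
    findings = []
    greeting = None        # "EHLO"/"HELO" as the server currently remembers it
    tls_pending = False    # STARTTLS sent, server reply not yet seen
    for no, line in enumerate(transcript.splitlines(), 1):
        side, _, text = line.partition(": ")
        verb = text.split(" ", 1)[0].upper()
        if side == "S":
            if tls_pending and text.startswith("220"):
                greeting = None            # server forgets the earlier EHLO
            tls_pending = False
        elif verb in ("EHLO", "HELO"):
            greeting = verb
        elif verb == "STARTTLS":
            tls_pending = True
        elif (m := MAIL_RE.match(text)):
            if greeting is None:
                findings.append((no, "no EHLO/HELO in current session state"))
            if m.group(1) and greeting != "EHLO":
                findings.append(
                    (no, "ESMTP parameter %r sent without EHLO" % m.group(1)))
    return findings

if __name__ == "__main__":
    for name, t in (("bad", SAMPLE_BAD), ("good", SAMPLE_GOOD)):
        print(name, check_starttls_reset(t))
```
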