Re: [Exim] TLS Issue

Page principale
Ce message fait partie du fil suivant :
MArborescence complète du fil triée par date
MJohn P Connor à <-
M 
Supprimer ce message
Répondre à ce message
Auteur: Dennis Davis
Date:  
À: exim-users
Sujet: Re: [Exim] TLS Issue
>From: Philip Hazel <ph10@???>
>To: John P Connor <john.connor@???>
>cc: exim-users@???
>Precedence: bulk
>
>> It seems that we probably need an option in Exim to work round
>> this, do you think?
>
>I am not at all keen on this, but I suppose I am open to persuasion
>if lots of people feel the need.

I'm not keen on this at all.

>To remind the list of the issue: A broken client fails to send a
>new EHLO after starting a TLS session; this leaves Exim in SMTP
>mode rather than ESMTP mode, because it has reset itself, as the
>RFC specifies. The client then sends a MAIL command with a SIZE
>option, which Exim rejects because that is valid only in ESMTP
>mode.
>
>What do people think about this?

Well, I see broken clients advertising TLS when they can't hack
it. I'm working on an exim4 configuration that is derived from an
existing exim3 configuration. I'm currently using:

hostlist no_tls_advertise_hosts = net-SEARCH;NO_TLS_HOSTS

as a main configuration option and an SMTP transport with:

hosts_avoid_tls = +no_tls_advertise_hosts

Isn't something similar to the above the way to go when dealing with
broken clients that can't get the TLS right?


Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-[Exim] Re: Questions[Exim] mailing list address returned unqualified address->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)