[Exim] SMTP, TLS and self-signed certs

Author: CaLViN
Date:  
To: exim-users
Subject: [Exim] SMTP, TLS and self-signed certs
Hi all,

I am using exim 4.2 on Debian, and have configured it to use TLS and a
self-signed certificate. This works fine with my mail clients, which
have downloaded and installed that cert. But now I am wondering:

If I have set tls_advertise_hosts = *, then ALL clients who send an
SMTP message will try to use TLS if they can. Now what will happen if
another MTA delivers a mail to my system, and not a mail client?
Would it try to use TLS as well, and fail to do so because it can't
verify my certificate? Will it do the transmission without TLS then or
will it refuse the connection altogether (and leave me without mail)?

If the latter is the case, how do I configure exim so that it uses TLS
only with MUAs?

Thanks,

CaLViN