On Tue, 30 Sep 2003, Nico Erfurth wrote:
> require message = We do not support cleartext smtp (For whatever reason)
> encrypted = *
I'd recommend you use defer and not require.
A number of occasions I've had TLS fail, with require it would have just
rejected the mail entirely, with defer it at least comes round again and
gets another stab at doing TLS properly - of course this means that any
genuine reject is going to take its time.
This was between two Exim-4 boxes which 99.9% of the time do TLS fine -
they are interlinked quite closely, which is why I expect TLS to happen
between them, but when one was failing to do callbacks for failing to do
TLS to the other on rare occasion and thus mail was being rejected I moved
them over to using defer.
