I am trying to enable authenticated relaying, but I cannot seem to get
Exim to advertise STARTTLS capability.
I am running exim from these RPMS:
exim-4.24-1_12.rh9
exim-mysql-4.24-1_12.rh9
According to
ftp://ftp.exim.org/pub/rpms-for-exim/readme.txt , that
exim-mysql RPM includes exim-base, which is compiled with SSL support.
Furthermore:
[root@eco /etc/exim]# exim -bV
Exim version 4.24 #2 built 02-Oct-2003 15:24:36
Copyright (c) University of Cambridge 2003
Berkeley DB: Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001)
Support for: iconv() IPv6 PAM Perl TCPwrappers OpenSSL
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Contains exiscan-acl patch revision 12 (c) Tom Kistner
[
http://duncanthrax.net/exiscan/]
Configuration file is /etc/exim/exim4.conf
In my exim4.conf, I have:
hostlist host_auth_accept_relay = *
tls_certificate = /etc/exim/exim.crt
tls_privatekey = /etc/exim/exim.key
hostlist tls_advertise_hosts = *
hostlist auth_over_tls_hosts = *
I have the cert and key files:
[root@eco /etc/exim]# ls -l exim.crt exim.key
-rw-r--r-- 1 mail mail 1237 Oct 20 20:14 exim.crt
-rw------- 1 mail mail 891 Oct 20 20:14 exim.key
Those files were created with:
[root@eco /etc/exim]# openssl req -x509 -newkey rsa:1024 \
-keyout exim.key -out exim.crt -days 9999 -nodes
Yet, even after all this:
220 mail.3e.org ESMTP Exim 4.24 Mon, 20 Oct 2003 20:52:40 -0400
ehlo 3e.org
250-mail.3e.org Hello localhost.localdomain [127.0.0.1]
250-SIZE 20971520
250-PIPELINING
250-AUTH CRAM-MD5 PLAIN LOGIN
250 HELP
QUIT
221 mail.3e.org closing connection
Can anyone suggest what I might be doing wrong?
--
Daniel Drucker / dmd@???