[Exim] can't enable STARTTLS

Author: Daniel M. Drucker
Date:  
To: exim-users
Subject: [Exim] can't enable STARTTLS
I am trying to enable authenticated relaying, but I cannot seem to get
Exim to advertise STARTTLS capability.

I am running exim from these RPMS:
exim-4.24-1_12.rh9
exim-mysql-4.24-1_12.rh9

According to ftp://ftp.exim.org/pub/rpms-for-exim/readme.txt , that
exim-mysql RPM includes exim-base, which is compiled with SSL support.
Furthermore:

[root@eco /etc/exim]# exim -bV
Exim version 4.24 #2 built 02-Oct-2003 15:24:36
Copyright (c) University of Cambridge 2003
Berkeley DB: Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001)
Support for: iconv() IPv6 PAM Perl TCPwrappers OpenSSL
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Contains exiscan-acl patch revision 12 (c) Tom Kistner
[http://duncanthrax.net/exiscan/]
Configuration file is /etc/exim/exim4.conf

In my exim4.conf, I have:
hostlist host_auth_accept_relay = *
tls_certificate = /etc/exim/exim.crt
tls_privatekey = /etc/exim/exim.key
hostlist tls_advertise_hosts = *
hostlist auth_over_tls_hosts = *

I have the cert and key files:

   [root@eco /etc/exim]# ls -l exim.crt exim.key
   -rw-r--r--    1 mail     mail         1237 Oct 20 20:14 exim.crt
   -rw-------    1 mail     mail          891 Oct 20 20:14 exim.key


Those files were created with:
   [root@eco /etc/exim]# openssl req -x509 -newkey rsa:1024 \
         -keyout exim.key -out exim.crt -days 9999 -nodes


Yet, even after all this:

220 mail.3e.org ESMTP Exim 4.24 Mon, 20 Oct 2003 20:52:40 -0400
ehlo 3e.org
250-mail.3e.org Hello localhost.localdomain [127.0.0.1]
250-SIZE 20971520
250-PIPELINING
250-AUTH CRAM-MD5 PLAIN LOGIN
250 HELP
QUIT
221 mail.3e.org closing connection

Can anyone suggest what I might be doing wrong?

--
Daniel Drucker / dmd@???
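
Added example, not part of the original message: a Python check over the configuration lines and the EHLO reply quoted in the post. It relies on Exim 4 reading a line that begins with `hostlist` as the definition of a named list, so `hostlist tls_advertise_hosts = *` leaves the main option `tls_advertise_hosts` unset; the function names are this example's own and the embedded samples are taken from the post.

```python
import re
# Exim 4 main options that control TLS and AUTH advertisement.
MAIN_OPTIONS = {"tls_advertise_hosts", "tls_certificate",
                "tls_privatekey", "auth_advertise_hosts"}
NAMED_LIST = re.compile(
    r"^\s*(?:hostlist|domainlist|addresslist|localpartlist)\s+(\w+)\s*=")
SETTING = re.compile(r"^\s*(\w+)\s*=")

def audit_config(text):
    """Return (main options really set, [(line, option name used as a list name)])."""
    set_opts, shadowed = set(), []
    for lineno, line in enumerate(text.splitlines(), 1):
        named = NAMED_LIST.match(line)
        if named:  # defines a named list; does not set any option
            if named.group(1) in MAIN_OPTIONS:
                shadowed.append((lineno, named.group(1)))
            continue
        setting = SETTING.match(line)
        if setting and setting.group(1) in MAIN_OPTIONS:
            set_opts.add(setting.group(1))
    return set_opts, shadowed

def ehlo_extensions(transcript):
    """Map each EHLO keyword to its parameters (first 250 line is the greeting)."""
    replies = re.findall(r"^250[- ](.*)$", transcript, re.M)
    return {w[0].upper(): [p.upper() for p in w[1:]]
            for w in (r.split() for r in replies[1:]) if w}

def cleartext_auth(exts):
    """Password-carrying AUTH mechanisms offered with no STARTTLS to protect them."""
    if "STARTTLS" in exts:
        return []
    return [m for m in exts.get("AUTH", []) if m in ("PLAIN", "LOGIN")]

# Samples taken from the post above (EHLO reply lines only).
CONFIG = """hostlist host_auth_accept_relay = *
tls_certificate = /etc/exim/exim.crt
tls_privatekey = /etc/exim/exim.key
hostlist tls_advertise_hosts = *
hostlist auth_over_tls_hosts = *
"""
EHLO = """250-mail.3e.org Hello localhost.localdomain [127.0.0.1]
250-SIZE 20971520
250-PIPELINING
250-AUTH CRAM-MD5 PLAIN LOGIN
250 HELP
"""
if __name__ == "__main__":
    print(audit_config(CONFIG), cleartext_auth(ehlo_extensions(EHLO)))
```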