Autor: gARetH baBB Data: A: exim-users Assumpte: Re: [Exim] using other parties self-signed certificate when delivering
to them using TLS
On Mon, 29 Mar 2004, Bernhard Erdmann wrote:
> The file used for tls_verify_certificates contains the CA certificate
> for the hosts where TLS is required when sending mail to them.
>
> I don't know the certificate or the CA certificate of every host I send
> mail to. For certain hosts, TLS is required. The use of TLS should be
> optional for other hosts and not be disturbed by a self-signed
> certificate on the other side.
Precisely, so you expand tls_verify_certificates based on the destination
host - if you want to verify you set tls_verify_certificates to the file
otherwise you leave it unset.
But tls_verify_certificates seems to be needed to be *unset* for no
verification, and just not blank. Unsure what you do to explicitly unset
something.