On Mon, Apr 26, 2004 at 08:56:37AM -0600, Craig Kelley wrote:
> On Mon, 2004-04-26 at 15:43 +0100, Peter Bowyer wrote:
>
> > Not sure I agree - it only takes one extra ACL test to listen on both and
> > reject on 587 if not authenticated - something like this which was posted by
> > Bruce Richardson on 11th April:
> >
> > accept hosts = +auth_relay_hosts
> > condition = ${if eq {$interface_port}{587} {yes}{no}}
> > endpass
> > message = relay not permitted, authentication required
> > authenticated = *
>
> Now for another wrench that we ran into... Is there a way to get Exim
> to do traditional SSL on 587? We don't want to send auth data in
> cleartext, and the major email clients can't do TLS except on port 25.
> I've used Thunderbird with TLS on non-25 ports -- but Outlook and Apple
> Mail seem to use this algorithm:
>
> If (ssl && port 25)
> TLS
> Else If (ssl)
> Raw SSL
> Else
> SSL Disabled
I have evidence (exim logs) in front of me which say that "Microsoft Office
Outlook, Build 11.0.5510" can use port 587 with TLS. Also "Microsoft
Outlook, Build 10.0.6626" can use port 465 with TLS, As can Mozilla.
Mike
--
-----Plain text only please - attachments stripped on arrival.------
Copyright 2003 Mike Richardson, Room G98, Manchester Computing
University of Manchester, M13 9PL doctor@??? Int: 56009
Left through main doors. Right then left at end of corridor.
First door on left. URL http://kira.mcc.ac.uk/ Ext: 0161 275 6009
--------------------------------------------------------------------
"If I want your opinion, I'll **** it out of you!" - Chuck Norris
"If anything happens to my daughter I have a ** and ******" Clueless