Re: [exim] SSL SMTP

Top Page
Delete this message
Reply to this message
Author: Ron McKeating
Date:  
To: Tony Finch
CC: Exim-Users \(E-mail\)
Subject: Re: [exim] SSL SMTP
On Thu, 2004-12-02 at 16:11, Tony Finch wrote:
> On Thu, 2 Dec 2004, Ron McKeating wrote:
> > On Thu, 2004-12-02 at 15:28, Tony Finch wrote:
> > > On Thu, 2 Dec 2004, Ron McKeating wrote:
> > >
> > > > But we seem to have found that
> > > >
> > > > daemon_smtp_ports = 25 : 465 : 587
> > > > tls_on_connect_ports = 465
> > > > log_selector = +incoming_interface
> > > >
> > > > allows both protocols on port 465, is this a change in exim, or has it
> > > > always been like this?
> > >
> > > What makes you think this? If you are going by P=smtp on port 465
> > > connections, this is related to the following change in version 4.44:
> >
> > No I am going by the I=[158.125.1.226]:587 entry in the log, which lists
> > the port after the senders ip address.
>
> Why do you think it's using STARTTLS on port 465?
> (This is clearly impossible so you must be misinterpreting something.)
>


OK here is a log entry for an email I sent using ximian evolution on my
linux box

2004-12-02 16:07:42 1CZtUb-0006BY-U9 <= R.J.Mckeating@???
H=([131.231.80.5]) [131.231.80.5] I=[158.125.1.226]:465 P=esmtpsa
X=TLSv1:AES256-SHA:256 A=plain:ccrjm S=2147
id=1102003661.3465.399.camel@???

You will see it uses port 465, esmtpsa and plain authentication. Ximain
evolution cannot use tls_on_connect so it must be using starttls on port
465. Indeed it seems that port 465 supports both starttls and
tls_on_connect when started with this config

> > > daemon_smtp_ports = 25 : 465 : 587
> > > > tls_on_connect_ports = 465
> > > > log_selector = +incoming_interface


Ron

> Tony.

--
Ron McKeating
Senior IT Services Specialist
Internet Services and Software Solutions
Loughborough University
01509 222329