Re: Re: Re: [exim] helo leak in tls_verify_hosts , forcing …

Pàgina inicial
Delete this message
Reply to this message
Autor: thomas schorpp
Data:  
A: exim-users
Assumptes vells: Re: Re: [exim] helo leak in tls_verify_hosts , forcing clients to use ehlo ,configuration?
Assumpte: Re: Re: Re: [exim] helo leak in tls_verify_hosts , forcing clients to use ehlo ,configuration? wontfix.
Tony Finch wrote:
> On Tue, 14 Jun 2005, thomas schorpp wrote:
>
>>i know. so the clients defaulting to smtp must be brought to retry with
>>esmtp somehow.
>
>
> That is not possible. The only retry specified in the SMTP protocol is a
> fall-back from ESMTP to SMTP, when the EHLO is rejected and the client
> retries with HELO instead. The server cannot force the client to use
> ESMTP.


ok. so bounce them all with 5xx and user understandable message to
contact their isp's to default to esmtp first (what makes sence due to
the spec cause of the fallback reserve).

>
>
>>tls_on_connect_ports = 465
>
>
> Exim cannot use tls_on_connect as a client. You have to use a stunnel or
> something like that.


yes, thx, i just set it up for clients connecting to my server using the
old smtps protocol, as it is recommended in the exim docs.

>
> Tony.


many thx for comment.
y
tom