Re: Re: Re: [exim] helo leak in tls_verify_hosts , forcing …

Page principale
Supprimer ce message
Répondre à ce message
Auteur: thomas schorpp
Date:  
À: exim-users
Anciens-sujets: Re: Re: [exim] helo leak in tls_verify_hosts , forcing clients to use ehlo ,configuration?
Sujet: Re: Re: Re: [exim] helo leak in tls_verify_hosts , forcing clients to use ehlo ,configuration? wontfix.
Tony Finch wrote:
> On Tue, 14 Jun 2005, thomas schorpp wrote:
>
>>i know. so the clients defaulting to smtp must be brought to retry with
>>esmtp somehow.
>
>
> That is not possible. The only retry specified in the SMTP protocol is a
> fall-back from ESMTP to SMTP, when the EHLO is rejected and the client
> retries with HELO instead. The server cannot force the client to use
> ESMTP.


ok. so bounce them all with 5xx and user understandable message to
contact their isp's to default to esmtp first (what makes sence due to
the spec cause of the fallback reserve).

>
>
>>tls_on_connect_ports = 465
>
>
> Exim cannot use tls_on_connect as a client. You have to use a stunnel or
> something like that.


yes, thx, i just set it up for clients connecting to my server using the
old smtps protocol, as it is recommended in the exim docs.

>
> Tony.


many thx for comment.
y
tom