[exim] try_verify TLS on smtp transport?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
Philip Hazel at ->
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: exim-users
Subject: [exim] try_verify TLS on smtp transport?
Perhaps I'm having one of my doh-days and I'm just missing something in
the docs.

Is there a way to attempt to verify a remote server's TLS certificate in
the smtp transport, without actually failing it? Something analogous to
tls_try_verify_hosts in the main configuration section for inbound
connections, but for outbound?

Not verifying leaves you subject to Man-in-the-Middle; verifying means
you can't talk to people using self-signed certs or CAs not common for
me; I'd like to try to verify, so that I can look at the CA=<yes|no>
entries in my logs over a period of time and deal with data instead of
supposition.

Thanks,
-Phil

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] exim 4.63 / mailman 2.1 @ CENTOS 5]Re: [exim] Sending mail from NAT-ed network->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)