Re: [exim] TLS interaction problem with Communigate Pro 4.1.…

Top Page
Delete this message
Reply to this message
Author: Graeme Fowler
Date:  
To: exim-users
Subject: Re: [exim] TLS interaction problem with Communigate Pro 4.1.6
On Tue, 2008-04-15 at 09:37 +0200, Florian Weimer wrote:
> Communigate Pro (at least in some versions) does not cope very well
> with TLS advertisements. If this server software tries to submit a
> message to one of our hosts (which advertises STARTTLS during EHLO),
> it aborts the delivery attempt during the TLS handshake. The nasty
> part: it immediately retries, at the same MX, leading to the same
> failure, probably until the message has expired from the queue.


The only thing I can see of relevance in CGPro's History files is in
4.3c3:

TLS: the Weak Ciphers option is implemented.

Can you change your config to only offer "strong" ciphers?

Main config setting "tls_require_ciphers" might see you right by
limiting the available ciphers to something that works. Unfortunately
you may need trial-and-error here - start with one and widen the set.

Graeme