I was given a task to set up communication between the mail servers of our
group of companies via TLS (encryption is required, not authentication). Some
servers are MS Exchange with valid (CA-signed) certificates. Our Exim has a
self-signed certificate (enough for encryption).
I added these options to exim config:
, where 10.x.x.x and 10.y.y.y are the IPs of the Exchange servers. The Exchange
administrators added my certificate to the corresponding servers as a trusted
certificate. Since that time we have had quite acceptable TLS
communication.
But we're experiencing a very interesting problem. When a user from the first
Exchange server sends a message to an Exim user, who in turn has a redirection
to the second Exchange server, the latter doesn't accept the message. The Exim
log shows us:
454 4.7.5 Certificate validation failure
Is there any possibility to make that redirection work right without
turning off TLS?