Re: [exim] Exim TLS - problem

Top Page
Delete this message
Reply to this message
Author: Dave Lugo
Date:  
To: exim-users
Subject: Re: [exim] Exim TLS - problem
On Sat, 3 Jul 2010, Stanczak Slawomir wrote:
>
> Hi,
>
> I have easy question. How to force TLS connection before SMTP
> authentication in global exim4.conf?
>


what do you have in your auth acl?

This is my complete acl for auth, nothing
else needed in it:

acl_check_auth:

   #
   # The following rules force auth to require STARTTLS.
   #
   accept  encrypted = *
   deny    message   = TLS encryption required




> I have following settings for TLS:
>
> tls_certificate = /etc/exim4/srv.pem
> tls_privatekey = /etc/exim4/srv.pem
> tls_advertise_hosts = *
>
> This is allow to send messages with TLS, but without TLS too. (example;
> "never" TLS option in Thunderbird SMTP settings).
>
> When I set in my exim4.conf:
>
> auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}
>
> and mark "never" TLS option (Thunderbird) for testing message is sent
> without asking for my password (password window isn't displayed at all).
>
> When I mark "TLS" option it works correctly.
>
> I to define tls_require_ciphers option too?
>
> Help me please.
> Regards
>
> Slawek
>
>


-- 
--------------------------------------------------------
  Dave Lugo     dlugo@???      No spam, thanks.
  Are you the police?  . . .  No ma'am, we're sysadmins.
--------------------------------------------------------