Author: Heiko Schlittermann Date: To: exim-users Subject: Re: [exim] Allow STARTTLS after HELO
David Angleitner <David.Angleitner@???> (Do 27 Jan 2011 09:02:10 CET): > Hi
>
> We have set up exim to allow encrypted connections.
> This works fine if the client uses EHLO.
> But if the client uses HELO and then sends STARTTLS,
> exim responds with "STARTTLS command used when not advertised".
>
> Is there a way to allow STARTTLS even if the peer host
> used HELO instead of EHLO?
>
> I'm not sure if EHLO is mandatory according to the RFC,
> but apparently other MTAs have no issue with this.
… maybe unrelated, but finally fixed *in OpenSSL*, not in Exim:
The s_client sub command of OpenSSL issued STARTTLS without waiting for
the server greeting/offer and thus failed to talk with Exim. It worked at
least with some other major MTA - but this does not imply that Exim is
wrong.
As suggested in the other answer: try to fix the client, try to fix the
client or think about Exim as Open Source…
