Autore: Raymond Norton Data: To: exim-users Oggetto: [exim] TLS configuration
(Ubuntu 12.0.4 - Exim4 -Baruwa 2.0.0)
I'm doing the final configuration of an inbound relay server (not used
for sending). The exim4.conf file I am using utilizes TLS. I created a
.key and .pem file and a telnet session verifies the server is ready for
TLS connections.
I'm getting a lot of the following in my logs, but don't know if it is
normal, or an issue with my configuration, understanding it will err out
if the sender is not using TLS. I'm not really sure there is a need for
TLS, since all the servers I relay to are trusted. Any advice is
appreciated.
11:26:20 6310 SMTP>> 250-relay-1.lctn.org Hello mail-oa0-f70.google.com
[209.85.219.70]
11:26:20 6310 250-SIZE 20971520
11:26:20 6310 250-STARTTLS
11:26:20 6310 250 HELP
11:26:20 6310 SMTP<< STARTTLS
11:26:20 6310 initializing GnuTLS as a server
11:26:20 6310 read D-H parameters from file
11:26:20 6310 initialized D-H parameters
11:26:20 6310 certificate file = /etc/pki/baruwa/domain.tld.pem
11:26:20 6310 key file = /etc/pki/baruwa/domain.tld.key
11:26:20 6310 initialized certificate stuff
11:26:20 6310 host in tls_verify_hosts? no (option unset)
11:26:20 6310 host in tls_try_verify_hosts? no (option unset)
11:26:20 6310 adjusted cipher priorities:
11:26:20 6310 initialized GnuTLS session
11:26:20 6310 SMTP>> 220 TLS go ahead
11:26:20 6310 LOG: MAIN
11:26:20 6310 TLS error on connection from (mail-oa0-f70.google.com)
[209.85.219.70] (gnutls_handshake): No supported cipher suites have been
found.
11:26:20 6310 TLS failed to start