On 2013-01-29 at 20:27 +0000, John ffitch wrote:
> exim4 sounds like Debian
In fact, Raymond said Ubuntu 12.0.4 and I quoted that.
But Exim can come from normal package repos, backport repos, and since
Baruwa was mentioned and they provide a repo but I can't see what's in
that repo (without installing a Deb system and adding them as a source)
I don't know if a different Exim is in there.
I did try a quick Google search to find which version of Exim is
included with Ubuntu by default, but there were no relevant results
within a minute of searching, so I gave up: when asking for help from
others, it's not long-term beneficial to reward missing information by
doing a lot of work for free to make up for it.
> On Tue, 29 Jan 2013, Phil Pennock wrote:
> > On 2013-01-29 at 11:53 -0600, Raymond Norton wrote:
> >> (Ubuntu 12.0.4 - Exim4 -Baruwa 2.0.0)
http://packages.ubuntu.com/precise/mail/exim4
By _default_, security updates for 12.0.4 will supply 4.76-3ubuntu3.1;
_if_ that version is the one in use, then the old-style Exim-specific
GnuTLS configuration directives are in use.
The old docs included, as an *example* of how to use those directives,
this:
tls_require_ciphers = !ARCFOUR
If you do that, then yes, Google won't deliver to you over TLS.
Google use RC4-SHA, which OpenSSL calls SSL_RSA_WITH_RC4_128_SHA, which
might help with determining if gnutls_require_kx or the like is set
badly.
The Exim web-site has copies of the Specification for many old versions
of Exim, so more details can be found at:
http://www.exim.org/exim-html-4.76/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html
-Phil