Re: [exim] exim4 smarthost with ssl

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M\Meelboy at <-
MMMJan Ingvoldstad at ->
Delete this message
Reply to this message
Author: Jasen Betts
Date:  
To: exim-users
Subject: Re: [exim] exim4 smarthost with ssl
On 2013-06-08, eelboy <eelboy@???> wrote:
> Hi,
>
> I have a stock Debian (6) with Exim4 (4.71) which I use as a smarthost
> to my ISP (verizon). They are switching to SSL on port 465 and I am
> having a hard time getting exim4 to cooperate. (previously they were
> using STARTTLS on port 587 which worked just fine)

That seems like a backwrds step by them 456+ssl is deprecated.

anyway, in your smtp transport :

# port= unset or 465
protocol=smtps

but for debian

zless /usr/share/doc/exim4-config/README.Debian.gz

section 2.2

TLS on connect is not natively supported.

IOW "you can't get there from here"

debian's exim4-config offers no way to activate exim's ssl on connect
capability,



so you have basically two choices, install and configure stunnel or
edit the exim4 config file, unless you're using stunnel for something
else I'd go with option 2

edit /etc/exim4/exim4-conf-template
or /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost
depending on wether or not you're using split config

in the file, add after

remote_smtp_smarthost:

this line:

protocol=smtps

then save it and then run

dpkg-reconfigure exim4-config

and remove or ammend the port number setting on the smarthost.

--
⚂⚃ 100% natural

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Spamtrap harvesting idea using fake authenticationRe: [exim] Spamtrap harvesting idea using fake authentication->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)