On Thu, Feb 20, 2014 at 09:12:59AM -0800, Marc MERLIN wrote:
> 2) It may not be very easy for me to run exim in debug mode while waiting for their next encrypted Email,
> but if it's the only way, I can try.
> In the meantime, see this tshark output, namely:
> TLSv1 72 Change Cipher Spec
> TLSv1 295 Encrypted Handshake Message
> TLSv1 103 Application Data
> TLSv1 103 Encrypted Alert
> TLSv1 343 Application Data
> TLSv1 247 Encrypted Alert
The encrypted alert is almost certainly a "shutdown" message. Exim
logs the client sent "QUIT", which is consistent with graceful
termination of the session. So there is nothing interesting to be
logged about TLS. Perhaps Amex were trying to send you a message
that exceeds your 25 MB message size limit (and thus give up after
EHLO).
> Can I get better debug output without running with -d+all for
> all incoming Email?
Before launching into debugging TLS, consider simpler issues first.
--
Viktor.
