On Sat, Aug 16, 2014 at 08:25:48AM +0200, Arnold Nijboer wrote:
> just to use "the other MTA" as an example.
> Postfix has an option : smtp_tls_security_level = may
> Which tells Postfix to send email with TLS if the other server says
> STARTTLS in its EHLO
Like Postfix, Exim is documented.
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html#SECID185
The second paragraph says:
It is not necessary to set any options to have TLS work in the
smtp transport. If Exim is built with TLS support, and TLS is
advertised by a server, the smtp transport always tries to
start a TLS session. However, this can be prevented by setting
hosts_avoid_tls (an option of the transport) to a list of server
hosts for which TLS should not be used.
In other words, "may" the default, and you can only either disable
TLS for some hosts, or require it for others.
--
Viktor.
