On 2014-10-19 at 10:03 +0200, elrippo wrote:
> in my logs i can see, that all clients are using TLS, but if i specify that option, exim4 "stops" taking any messages.
> Please find enclosed the output of "exim -d --version"
> Exim version 4.76 #1 built 28-Dec-2012 16:49:07
This has known security issues. You're better off updating Exim to fix
known problems than worrying about POODLE and SMTP; worry about POODLE
_after_ you get Exim up-to-date.
Your OS might have backported fixes, but that build date suggests not.
> Library version: GnuTLS: Compile: 2.12.14
> Runtime: 2.12.14
This is older than the GnuTLS developers support, but should still
support TLS1.0 through TLS1.2.
> > > I am running exim on Ubuntu 12.04 LTS
> > >
> > > If i define "tls_require_ciphers = NORMAL:!VERS-SSL3.0"
> > >
> > > i get an error in the log and the messages are not handled...
> > > "2014-10-18 10:07:55 TLS error on connection from (user) [151.236.xxx.xxx] (gnutls_handshake): No supported cipher suites have been found."
> > >
> > > Can you advise please?
> >
> > That client only supports SSL and doesn't support TLS?
> >
> > Failing that, we need version information to go on with, so please
> > provide the output of:
> >
> > exim -d --version
So, how have you ruled out that this is a client limitation, with a
client which doesn't support TLS?
Which clients are you trying to use?
-Phil