Re: [exim] configuring exim4 smtp to use SSL

Góra strony
Delete this message
Reply to this message
Autor: Ferenc Wagner
Data:  
Dla: gary
CC: exim-users
Nowe tematy: Re: [exim] configuring exim4 smtp to use SSL [SOLVED]
Temat: Re: [exim] configuring exim4 smtp to use SSL
Gary Dale <garydale@???> writes:

> On 22/03/15 02:06 PM, Ferenc Wagner wrote:
>
>> Please show us the section starting by "remote_smtp_smarthost:" in the
>> file named by exim4 -bP configure_file.
>
> /var/lib/exim4/config.autogenerated
>
> remote_smtp_smarthost:
>   debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
>   driver = smtp
>   hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
>         {\
> ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
>         }\
>         {} \
>       }
> .ifdef REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
>   hosts_avoid_tls = REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
> .endif
> .ifdef REMOTE_SMTP_HEADERS_REWRITE
>   headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
> .endif
> .ifdef REMOTE_SMTP_RETURN_PATH
>   return_path = REMOTE_SMTP_RETURN_PATH
> .endif
> .ifdef REMOTE_SMTP_HELO_DATA
>   helo_data=REMOTE_SMTP_HELO_DATA
> .endif
> .ifdef TLS_DH_MIN_BITS
> tls_dh_min_bits = TLS_DH_MIN_BITS
> .endif


That's the standard contents of the file, not mentioning protocol, so it
stays at its default value: smtp. You have to set it to smtps, but not
in this file. Either in /etc/exim4/exim4.conf.template (if you have
exim4/use_split_config: false in the output of debconf-show exim4-config)
or in /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost
(if you use split config or you run update-exim4.conf.template).

>>> exim -bP transports seems to hang. It's been several minutes and it's
>>> not completed.
>>
>> That's unexpected. Try strace to find out what it's waiting for.
>
> It actually never completed. I killed it the next day. However today
> it seems to be completing. Here's the output:
>
> [...]
> remote_smtp_smarthost transport:
> [...]
> protocol = smtp


After the above change, this should turn into smtps. Which also makes
the smarthost port specification (::465) reduntant.
--
Feri.