[exim] TLS changes in 4.87

Top Page
Delete this message
Reply to this message
Author: Robert Blayzor
Date:  
To: Exim Users
Subject: [exim] TLS changes in 4.87
Release notes state:

"
JH/18 Bug 1709: When built with TLS support, the tls_advertise_hosts option now
      defaults to "*" (all hosts).  The variable is now available when not built
      with TLS, default unset, mainly to enable keeping the testuite sane.
      If a server certificate is not supplied (via tls_certificate) an error is
      logged, and clients will find TLS connections fail on startup.  Presumably
      they will retry in-clear.
      Packagers of Exim are strongly encouraged to create a server certificate
      at installation time.”




Now upon start-up:

2016-04-21 20:01:04 Warning: No server certificate defined; TLS connections will fail.
Suggested action: either install a certificate or change tls_advertise_hosts option



Which is fine… But adding something like "tls_advertise_hosts = !*” to config doesn’t squelch the warning.


Normally an incoming MX server *should* support TLS w/ a key/certificate. But where that doesn’t fit in is an outbound/relay server that does not accept inbound email.

So other than creating a bunk key/cert pair, how do you suppress the warning?


--
Robert
inoc.net!rblayzor
XMPP: rblayzor.AT.inoc.net
PGP Key: 78BEDCE1 @ pgp.mit.edu