https://bugs.exim.org/show_bug.cgi?id=1885
Jasen Betts <jasen@???> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jasen@???
--- Comment #3 from Jasen Betts <jasen@???> ---
I suspect "B" is the cause,
When TLS is not used the host will not offer AUTH PLAIN (in its default
configuration) and thus the client will not try to authenticate.
As some forms of AUTH are safe over un-encrypted channels the default client
configuration does not require TLS on all connections.
seem that the best solution is to set hosts_require_auth on the client's
smarthost transport
Debian's stock "remote_smtp_smarthost" transport says:
hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
{\
${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
}\
{} \
}
Perhaps that should be hosts_require_auth instead of hosts_try_auth.
However I think it is the way it is because some servers only offer AUTH to
clients connecting from outside their network (clinets connecting from inside
do not need to authenticate) so the stock configuration will work on portable
clients which use such a server.
--
You are receiving this mail because:
You are on the CC list for the bug.
