[exim-dev] [Bug 1897] New: Exim not falling back to non-TLS …

Page principale
Supprimer ce message
Répondre à ce message
Auteur: admin
Date:  
À: exim-dev
Sujet: [exim-dev] [Bug 1897] New: Exim not falling back to non-TLS on callouts
https://bugs.exim.org/show_bug.cgi?id=1897

            Bug ID: 1897
           Summary: Exim not falling back to non-TLS on callouts
           Product: Exim
           Version: 4.86+ HEAD
          Hardware: x86
                OS: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: ACLs
          Assignee: jgh146exb@???
          Reporter: chirila@???
                CC: exim-dev@???


In exim 4.86.2+fixes, TLS communication was enabled by default when doing
callouts. However we sometimes deliver messages to some Exchange(?) machines
("Microsoft ESMTP MAIL Service", I don't have any information about them) that
have problems with TLS.

While delivering the emails we always see in the log:

```
TLS error on connection (SSL_connect): error:00000000:lib(0):func(0):reason(0)
TLS error on connection (SSL_connect): error:00000000:lib(0):func(0):reason(0)
TLS error on connection (SSL_connect): error:00000000:lib(0):func(0):reason(0)
```

Messages are still delivered successfully as Exim will simply fallback on
non-TLS somehow and the messages is correctly sent.

After we enabled TLS on callouts as well, ALL callouts deferred for those
Exchange servers, so we are not able to verify the recipients. It seems that
for callouts Exim doesn't fallback on non-TLS. The exact same error appearing
in the exim mainlog.

Unfortunately managing a list of servers that have such problems is not really
an option for me. Even though I'm 100% this is just an issue with their
configuration.

I think it would make sense if the behavior from message delivery to be copied
to the callouts as well.

--
You are receiving this mail because:
You are on the CC list for the bug.