[exim] exim force starttls on submisson (587)

Hello,
i have installed exim4 on a vps, all is fine.

when i try to setup the mail address in thunderbird.

the wizard say "no encryption" on SMTP.

my config look like this:

...
tls_advertise_hosts = *
tls_require_ciphers =
SECURE128:+AES-256-GCM:+AES-256-CBC:+CAMELLIA-256-CBC:-ARCFOUR-128:-ARCFOUR-40:-MD5:-VERS-SSL3.0:-RSA:%SERVER_PRECEDENCE
tls_certificate = CONFDIR/ssl/exim.crt
tls_privatekey = CONFDIR/ssl/exim.pem
tls_dhparam = CONFDIR/ssl/dhparam.pem
daemon_smtp_ports = 25 : 587
...

begin authenticators
dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
server_advertise_condition = ${if and{{def:tls_cipher}{
!eq{$interface_port}{25} }}}
dovecot_login:
driver = dovecot
public_name = LOGIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
server_advertise_condition = ${if and{{def:tls_cipher}{
!eq{$interface_port}{25} }}}


An other problem is that the wizard only guess "username" as login name,
but i need "username@domain" to login.

Best Regards,
Basti