Author: Cyborg Date: To: exim-users Subject: Re: [exim] rejecting transport if insecure
Am 01.12.2017 um 10:16 schrieb Jeremy Harris: > On 01/12/17 08:18, Cyborg wrote:
>> is there way to stop mail delivery to external servers if those servers
>> do NOT offer STARTTLS ?
> A suitably-set "hosts_require_tls" option on the transport.
>> A DB depended condition, when to check it, would be awesome.
> The option is expanded, hence you can do a DB lookup.
Got it working :D
BUT:
The messages do not get removed from the message queue:
2017-12-01 10:45:42 1eKhX1-0008El-GN == tlstest@??? R=dnslookup
T=remote_smtp defer (-38) H=mail.XXXXXX.de [XXXX]: a TLS session is
required, but the server did not offer TLS support
They just stay in, because exims thinks, the error is temporarilly :(
I'm not as hopefull as exim is :D The tested mailserver lacks tls since
1995 ;) No need to think it will change soon .. How do i get them failed
immediatly (best with a delivery message to the sender ) ?