Re: [exim] rejecting transport if insecure

Top Page
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: exim-users
Subject: Re: [exim] rejecting transport if insecure
Am 01.12.2017 um 10:16 schrieb Jeremy Harris:
> On 01/12/17 08:18, Cyborg wrote:
>> is there way to stop mail delivery to external servers if those servers
>> do NOT offer STARTTLS ?
> A suitably-set "hosts_require_tls" option on the transport.
>> A DB depended condition, when to check it, would be awesome.
> The option is expanded, hence you can do a DB lookup.


Got it working :D

BUT:

The messages do not get removed from the message queue:

2017-12-01 10:45:42 1eKhX1-0008El-GN == tlstest@??? R=dnslookup
T=remote_smtp defer (-38) H=mail.XXXXXX.de [XXXX]: a TLS session is
required, but the server did not offer TLS support

They just stay in, because exims thinks, the error is temporarilly :(

I'm not as hopefull as exim is :D The tested mailserver lacks tls since
1995 ;) No need to think it will change soon .. How do i get them failed
immediatly (best with a delivery message to the sender ) ?

Grüße,
Marius