Re: [exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.…

Top Page
Delete this message
Reply to this message
Author: Viktor Dukhovni
Date:  
To: exim-dev
Subject: Re: [exim-dev] [Bug 2255] TLS/SSL issue after upgading to 4.90


> On Mar 13, 2018, at 12:55 PM, admin--- via Exim-dev <exim-dev@???> wrote:
>
> You would have to set NO_TICKET on the IMAP server, not
> Exim.
>
> What you could try, although I do not know whether it works,
> is to set -no_ticket in Exim, thus disabling the disabling of
> tickets. Hopefully the effect is that Exim will hand out tickets.
> Those will never match the ones carried over from IMAP and Exim
> does not offer resume anyway, so no harm done. It might not do
> anything at all, since NO_TICKET is hardcoded into the Exim sources.


Based on this thread, it sounds to me like Outlook expects the *same*
ticket (or more generally resumable session) to work across both IMAP
and SMTP submission. If so, then if IMAP session caching is enabled,
no matter how you configure Exim, you can't win, because the IMAP
server and SMTP server don't have an integrated shared session cache!

The only "solution" is for both IMAP and submission to not offer
session resumption.

Mind you, if the submission client just reconnects to negotiate a new
session, rather that continue with a full handshake, and this is all
transparent to the user, then apart from some noise in the logs this
is completely harmless, and you could just leave it the way it is with
IMAP sessions cached (users read a lot more mail then the send).

-- 
    Viktor.