Hello,
Is there any way (without using DANE) in exim SMTP client to force
matching domain in remote SMTP server certificate with string
configured in exim for recipient e-mail domain and not with hostname
returned by (unsecure) DNS MX lookups?
Something like "secure" cert match in postfix (resolves remote MX-es
using DNS but checks remote certificate against defined names not
hostnames from DNS):
http://www.postfix.org/TLS_README.html#client_tls_secure
Exim configured with TLS forced to such recipient domain should use MX
to find servers but verify server cert against domain name from exim's
config (i.e. file/db lookup).
--
Regards,
Pawel Boguslawski
IB Development Team
https://dev.ib.pl/