Hi,
Dňa Sat, 30 Oct 2021 02:56:40 -0400 Viktor Dukhovni via Exim-users
<exim-users@???> napísal:
> Thus:
>
> smtp_tls_security_level = none | may | encrypt | fingerprint |
> dane | secure
I think, that ideal MTA must have option:
guess_tls_verify = no | user | admin
in "admin" mode, it will reject to connect over not validated cert for
trusted hosts and in "user" mode it will accept TLS for not bad hosts.
That "guess" part points to deciding what hosts are trusted and/or
which are bad.
It will use AI for deciding this guess, in simple case eg. by random
number qualificator, initiated e.g. by IP value to increase entropy. Or
we can define new SMTP extension and MTA will reports its
goodness/badness in EHLO reply as longlongint value, based eg. on
government certification (which delegates it eg. to google or
microsoft).
I am happy, that exim is not ideal MTA and leaves this "guess" for
admins to set it explicitly/manually in mentioned options, which has
usable defaults.
Anyway, if exim aborts outgoing connection at failed cert
verification (or any other TLS error) in STARTTLS, it is (IMO) RFC
violation (missing clean QUIT), but i do not know if it happens.
regards
--
Slavko
https://www.slavino.sk
