Am 22.03.22 um 09:15 schrieb Andreas Barth via Exim-users: > You need to activate MAIN_TLS_ENABLE in a configuration file. Of
> course, you current way works as well.
Honestly, I think that today, not enabling TLS as default in a
mailserver, is a complete no-go and should be changed ASAP by the distro
maintainer.
exim isn't exchange, where M$ had the example cipher list reversed, so
that SSLv3 was the best cipher they offered :D, but it's an easy to
setup config, where
working TLS is just 3-4 lines of config and a simple installscripthook
to create a default cert. That's not magic.
It may be "ok" for an automatic system reporting some technical data,
but also TLS won't hurt there, so it's no excuse for not enabling TLS by
default. Not to speak of, that in some parts of the world it is now
against data protection laws not to use TLS, if personal data is
transported and rl named emailaddresses count as such personal data.
(i.E. §32 1a EU GDPR)