Author: Heiko Schlittermann Date: To: exim-users Subject: Re: [exim] TLS session is required,
but an attempt to start TLS failed
Patrick Porteous via Exim-users <exim-users@???> (Di 18 Okt 2022 14:58:49 CEST): > I've recently started receiving the following message in my log files when
> sending to one host:
>
> 2022-10-18 07:12:45 H=example.com [###.###.###.199]: a TLS session is
> required, but an attempt to start TLS failed … >
> The error is causing email addressed to this host to hang in my queue and
> then fail to be delivered after the time out period. My exim.config is
> setup with the following options enabled:
>
> tls_advertise_hosts = *
> tls_certificate = /usr/local/ssl/apache-selfsigned.crt
> tls_privatekey = /usr/local/ssl/apache-selfsigned.key
This is for your Exim acting as a server, but I understand, that you're
sending *to another* host, so it irrelevant here.
> verify error:num=18:self signed certificate … this can be an issue, depending on the TLS settings of your remote
transport.
Find the transport
exim -bt <recipient>
and review the transport configuration (or share it with us).
Normally Exim should fallback to clear text communication if TLS isn't
possible, so I suspect you having some TLS related transport settings.