Re: [exim] Configuring exim to use an non-TLS connection to …

Top Pagina
Delete this message
Reply to this message
Auteur: Graeme Fowler
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] Configuring exim to use an non-TLS connection to port 587.
On 11 Apr 2023, at 17:43, Peter via Exim-users <exim-users@???> wrote:
> In absence of progress to have exim apply TLS-on-connect to server port
> 465 I'm trying non-TLS to port 587 as a simpler first objective. =8~/


Your error has nothing to do with TLS at all:

20:33:41 1656 LOG: MAIN PANIC
20:33:41 1656 failed to expand "<; ${if exists{/etc/exim4/passwd.client} {${lookup{$host}nwildlsearch{/etc/exim4/passwd.client}{$host_address}}}{} }" while checking a list: failed to open /etc/exim4/passwd.client for linear search: Permission denied (euid=106 egid=113)

The reason your Exim (as a client) is speaking over STARTTLS is because the transport is configured by default to do precisely that.

From https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html (sec 10):

"If Exim is built with TLS support, and TLS is advertised by a server, the smtp transport always tries to start a TLS session. However, this can be prevented by setting hosts_avoid_tls (an option of the transport) to a list of server hosts for which TLS should not be used."

But in any case, your problem is on your filesystem rather than on-the-wire.

Graeme

PS patches welcome for wishlist items :)