[exim] Fixing or disabling TLS for internal network hosts

Top Page
Delete this message
Reply to this message
Author: AC
Date:  
To: exim-users
Subject: [exim] Fixing or disabling TLS for internal network hosts
I have one primary Exim installation that is my main mail server visible
to both the internal hosts and as a public host so TLS is enabled on it.

My internal hosts are using Exim in smarthost mode to handle sending
daemon mail to the main server. All of this is working fine, I just get
messages in the logs about TLS fatal alerts because the certificate is bad.

The internal hosts are running self-signed certificates. So is there a
way to either make the self-signed certificates acceptable to the main
Exim server or otherwise disable the use of TLS by either the internal
servers or configuring the main server to not advertise TLS to the
internal hosts?

The only real reason to do this is cosmetic so that I don't get the
error alerts triggering log monitoring.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/