[exim] DANE with certificate errors

Góra strony
Delete this message
Reply to this message
Autor: Kai Bojens
Data:  
Dla: exim-users
Temat: [exim] DANE with certificate errors
(Exim 4.94.2)

Hello everybody,
I have a very simple question: why would Exim notify about Certificate
errors in regard to DANE/TLS but continue to send the mails anyway? And
how do I stop this behaviour?

DANE attempt failed; TLS connection to (…) (certificate verification
failed): Verification failed. The certificate differs.

But the email is then delivered without any errors or problems.

I checked the documentation multiple times but could not find any way to
stop delivering mails when the DANE verfication fails. There's only one
mention in the "events" section about "dane:fail".

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/