Rob Brenart wrote:
Bill Hacker wrote:
Marc Sherman wrote:
Rob Brenart wrote:
Thanks for the advice... it is a debian list, so I've asked on the
exim4 debian user's list and we'll see if I get any hits... in case
it matters though, I tried your command and received the
following... but no message delivered. However, I think I see the
problem, :25... I'm pretty sure I need to be coming in over 465 with
SSL... trying to find in the docs how to set this now
Exim does not support tls-on-connect (port 465) as a client. You'll
have to use stunnel or something.
- Marc
AFAIK Exim supports tls_on_connect on any port you specify. RTFM.
In addition to a menagerie of non-standard ports, I was even trialing
it on port 80 a few days ago.
Gets around firewalls quite nicely, but throws some weird log entries
when search-bots try to crawl a non-existent webpage...
;-)
Bill Hacker
I did RTFM and it claimed it would all "just work", it doesn't... and I
can't seem to find an entry about how to make it try port 465 instead of 25
There is a simpler way to annotate it, but this should cover it all:
=============================================
local_interfaces = <your first IP> : <your next IP>
# Defaults to all if not mentioned.
daemon_smtp_ports = 25 : <second port>: <third port>: <fourth port> :
465 :<fifth port>
# defaults to 25 if not mentioned
tls_on_connect_ports = 465 : <next port> (( those ones will work the
old SSL protocol))
#defaults to none, AFAIK, but runs TLS on all.
#Note that there is no colon after the last entry.
tls_certificate = /usr/local/etc/exim/certs/<your cert filename>
#You did generate & install a cert?
tls_advertise_hosts = *
tls_remember_esmtp = yes
# These to get esmtps // esmtpsa TLS end-to-end with hosts that grok it
auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}
# there are variations on this
===============================================
But Mark's point still applies to MUA's (e-mail clients).
- Not all will allow selection of the port you want.
- Many will not allow selection between TLS, and TLS-on-connect,
(which is a new name for the older SSL protocol).
You also need to sort the issue of authentication credentials as to
PLAIN, LOGIN, CRAMD5, SASSL, PEM
- Not all MUA's allow all choices - some make assumptions.
Mozilla Suite mailer is one that will do. There are many others.
HTH,
Bill
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
