On Wed, Nov 07, 2007 at 03:29:06AM +0100, Daniel Tiefnig wrote: > > > How do sites who *do* do TLS over the Internet (with no certificate > > checks) get on ? Are there many obscure problems encountered ? > > Hmm, I remember some problems with misconfigured MTAs that advertised > TLS, but then weren't able to provide it. The responsible admins blamed > us that we weren't able to send mails to them, because other servers > could send them mail... *sigh* There were quite a lot of them, so I > started using "hosts_avoid_tls = *" too.
There is "tls_tempfail_tryclear" setting, which will make Exim jump back to non-encryption after STARTTLS returns 4xx or TLS/SSL negotiation fails in some way. From my experience, it works just fine. -- Jan Srzednicki :: http://wrzask.pl/ "Remember, remember, the fifth of November" -- V for Vendetta -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
