On 2011-02-24 at 16:51 -0800, WJCarpenter wrote:
> On 2/23/2011 6:59 PM, Phil Pennock wrote:
> >
> > To see that message, the internal variable tls_active must be set >= 0
> > (to match the file descriptor corresponding to the connection). This
> > means that tls_server_start() has been called, which means that
> > something has happened to enable SSL/TLS.
>
> Mostly just curious: Would an exim that advertises STARTTLS continue to
> advertise it after TLS has been started?

No.

Your best choice, in my experience, for debugging this is gnutls-cli.
With the --starttls option, it will start TLS negotiation when you type
Ctrl-D.

    starttls() {
        gnutls-cli --x509cafile /etc/ssl/cert.pem --starttls --crlf "$@"
    }

    % starttls --port 587 smtp.spodhuis.org
    [ EHLO, STARTTLS, Ctrl-D, EHLO ]

-Phil
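
Added example, not part of the original message: a shell helper that reads the server reply lines saved from an EHLO, STARTTLS, EHLO session like the one above and reports whether STARTTLS was advertised before and after the handshake, which per the answer above should be yes and then no. The name starttls_advert, the host names and both transcripts are constructed for illustration.

```shell
# Classify STARTTLS advertisement before and after the TLS handshake.
# Reads SMTP server reply lines on stdin, prints "pre=<yes|no> post=<yes|no>".
# (starttls_advert is a hypothetical helper name, not an Exim or GnuTLS tool.)
starttls_advert() {
    awk '
        BEGIN { phase = "pre"; adv["pre"] = "no"; adv["post"] = "no"; seen250 = 0 }
        { sub(/\r$/, "") }                      # tolerate CRLF line endings
        /^250[- ]/ {
            seen250 = 1
            # The extension keyword is the text after "250-" or "250 "
            if (toupper(substr($0, 5)) == "STARTTLS") adv[phase] = "yes"
            next
        }
        # A 220 after the first EHLO reply is the answer to STARTTLS:
        # every reply that follows was sent inside the TLS session.
        /^220 / && seen250 { phase = "post" }
        END { printf "pre=%s post=%s\n", adv["pre"], adv["post"] }
    '
}

# Constructed transcript: STARTTLS offered in clear text, dropped after TLS.
sample_ok='220 mail.example.test ESMTP
250-mail.example.test Hello client.example.test
250-SIZE 52428800
250-STARTTLS
250 HELP
220 TLS go ahead
250-mail.example.test Hello client.example.test
250-SIZE 52428800
250-AUTH PLAIN LOGIN
250 HELP'

# Constructed transcript: a misbehaving server that still offers it after TLS.
sample_readvertised='220 mail.example.test ESMTP
250-mail.example.test Hello client.example.test
250-STARTTLS
250 HELP
220 TLS go ahead
250-mail.example.test Hello client.example.test
250-STARTTLS
250 HELP'

printf '%s\n' "$sample_ok" | starttls_advert
printf '%s\n' "$sample_readvertised" | starttls_advert
```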