* on the Wed, Oct 30, 2013 at 12:23:47PM +0000, Mike Cardwell wrote: > In my remote_smtp transport I have: > > hosts_require_tls = <; fc00:beef:beef:601:9530:2068:3df9:5cb7 > > I just added this to the top of my rcpt ACL: > > warn control = cutthrough_delivery > > Now I'm getting this in my mainlog whenever a message is delivered: > > 2013-10-30 12:16:18 a TLS session is required for hype.glue.grepular.com > [fc00:beef:beef:601:9530:2068:3df9:5cb7], but an attempt to start TLS failed > > The message *is* delivered using a TLS secured connection though: > > 2013-10-30 12:16:20 1VbUh8-0006Mc-Po => [email protected] > P=<[email protected]> R=relay_remote T=remote_smtp S=758 > H=hype.glue.grepular.com [fc00:beef:beef:601:9530:2068:3df9:5cb7]:25 > X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=no > DN="/description=TN8sb87Rblzkc66S/C=GB/CN=glue.grepular.com/[email protected]" > C="250 OK id=1VbUhz-0008Cg-3H"
To add to this, I see no errors in the mainlog of the destination server (glue), and a tcpdump shows that this is what happens during the cut-through delivery attempt: <= 220-glue.grepular.com ESMTP Exim 5.99 Wed, 30 Oct 2013 12:28:38 +0000 <= 220 BOOSH => EHLO flan.grepular.com <= 250-SIZE 52428800 <= 250-8BITMIME <= 250-ETRN <= 250-PIPELINING <= 250-STARTTLS <= 250-PRDR <= 250 HELP => QUIT <= 221 glue.grepular.com closing connection It connects, sends an EHLO, sends a QUIT, and then disconnects. Here's my exim -bV: Exim version 4.82_RC5 #2 built 27-Oct-2013 19:43:24 Copyright (c) University of Cambridge, 1995 - 2013 (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2013 Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc OpenSSL move_frozen_messages Content_Scanning DKIM Old_Demime Experimental_SPF Experimental_DCC Experimental_DMARC Experimental_OCSP Experimental_PRDR Experimental_TPDA Experimental_Redis Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 Configuration file is /etc/exim4/exim4.conf -- Mike Cardwell https://grepular.com/ http://cardwellit.com/ OpenPGP Key 35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
