On 22/01/14 15:09, basti wrote: > Ok, thanks for that tip. > Now a Test connection looks like: > > telnet myserver.de 25 > Trying 1.1.1.1... > Connected to unix-solution.de. > Escape character is '^]'. > 220 mail.myserver.de ESMTP Exim 4.80 Wed, 22 Jan 2014 14:39:54 +0100 > ehlo localhost > 250-mail.myserver.de Hello p578a6f5e.dip0.t-ipconnect.de [1.1.1.2] > 250-SIZE 209715200 > 250-8BITMIME > 250-PIPELINING > 250-STARTTLS > 250 HELP > quit > 221 mail.myserver.de closing connection > Connection closed by foreign host. > > did this mean that fist of all the connection is encrypt by starttls?
A client usually uses STARTTLS first and issues another EHLO to get new or changed capabilities. Then he sees the AUTH. You can check that with "openssl s_client -starttls smtp ...", swaks (http://www.jetmore.org/john/code/swaks/) or smtptest from cyrus-imapd. > next I have try md5-cram and get the following error: > (received and digest are anonymised) Sorry, can't help with that. I used CRAM/DIGEST-MD5 with SASL only some years ago. I've no experience with your kind of setup. Personally I wouldn't use both for new installations. LOGIN/PLAIN after STARTTLS is just fine. Greetings, Wolfgang -- Wolfgang Breyha <[email protected]> | http://www.blafasel.at/ Vienna University Computer Center | Austria -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
