Hi, Terrance Devor <[email protected]> (So 30 Aug 2015 01:57:16 CEST): … > > 1) All authentication (ie, passing of username and password) should be done > over SSL/TLS port 465. Attempts to pass username and password over port > 25 will result in deny, error message returned to the MTA, and log
465 is deprecated, use 587 and STARTTLS. Read about 'server_advertise_conition' to avoid advertising AUTH on unencrypted connections. > 2) When relaying > > Assume our local domain is example.com > > (i) [email protected] ----> (465) Exim (465) ------> [email protected] > (ii) [email protected] ----> (465) Exim (25) ------> > [email protected] etc... > (iii) [email protected] ------> (25) Exim (465) ------> > [email protected] You do not want to relay vom anywhere to anywhere, do you? Accepting messages from outside should be done for your very own domain only, here for example.com. Exceptions are possible, in case you know what you're doing :) Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
signature.asc
Description: Digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
