Hi,
require
message=starttls required
encrypted=*
in the smtp mail ACL "acl_check_mail" on debian systems.
It's works.Thanks
Em Domingo, 25 de Fevereiro de 2018 9:02, "[email protected]"
<[email protected]> escreveu:
Send Exim-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.exim.org/mailman/listinfo/exim-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Exim-users digest..."
Today's Topics:
1. Question TLS (Luciano InfoCultura)
2. Re: Question TLS (Phil Pennock)
3. Re: Question TLS (Jasen Betts)
How do I make connections initiated on ports 25 or 587 in plain text only allow
the sending of messages after using STARTTLS.
my brief configuration:The message exchange is between servers and do not use
authentication.
..MAIN_TLS_ENABLE = truedaemon_smtp_ports = 25: 465: 587tls_on_connect_ports =
465..
Luciano da Silva
On 2018-02-22 at 17:34 +0000, Luciano InfoCultura via Exim-users wrote:
> How do I make connections initiated on ports 25 or 587 in plain text only
> allow the sending of messages after using STARTTLS.
> my brief configuration:The message exchange is between servers and do not use
> authentication.
> ..MAIN_TLS_ENABLE = truedaemon_smtp_ports = 25: 465: 587tls_on_connect_ports
> = 465..
The MAIN_TLS_ENABLE setting is a sign of the Debianized configuration.
All of the Exim settings you have listed above are for how Exim listens,
not how it sends; sending is controlled via the SMTP "Transport" linked
to whichever "Router" accepted the message/recipient and chose remote
delivery via SMTP for it.
Ports 465 and 587 are for initial Submission by clients and not for
server-to-server traffic (except in special hacky situations such as
having your mail-server pretend to be a client, of Gmail/whatever).
Unless you've got a special arrangement in place, you're sending on port
25 and using STARTTLS to upgrade the connection.
I don't see a Debian control knob for this. From Exim's side, you want
the SMTP Transport to include:
hosts_require_tls = *
-Phil
On 2018-02-22, Luciano InfoCultura via Exim-users <[email protected]> wrote:
> How do I make connections initiated on ports 25 or 587 in plain text only
> allow the sending of messages after using STARTTLS.
> my brief configuration:The message exchange is between servers and do not use
> authentication.
> ..MAIN_TLS_ENABLE = truedaemon_smtp_ports = 25: 465: 587tls_on_connect_ports
> = 465..
I'm guessing you mean inbound.
Put this
require
message=starttls required
encrypted=*
in the smtp mail ACL "acl_check_mail" on debian systems.
--
This email has not been checked by half-arsed antivirus software
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users Exim
details at http://www.exim.org/ ##
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
