On Sat, Oct 30, 2021 at 12:37:50PM +0100, Jeremy Harris via Exim-users wrote: > On 30/10/2021 11:56, Dominik Vogt via Exim-users wrote: > > The Debian-11/Devuan-4 defaults for "SMARTHOST for outgoing main, > > fetchmail for incoming mail" are what caused this: > > > > .ifdef MAIN_TLS_VERIFY_HOSTS > > tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS > > .endif > > > > .ifdef MAIN_TLS_TRY_VERIFY_HOSTS > > tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS > > .endif > > > > .ifndef REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS > > REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS = * > > .endif > > .ifdef REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS > > hosts_require_tls = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS > > .endif
> > No idea to what values of the upper case variables are in the > > first place. Are they defined at compile time; is there a way to > > look them up, other than from the Debian src package? > "exim -bP macro <name-of-macro>" can be used to look one up. That says that all of these are undefined. So, to enforce TLS and certificate verification I sould set MAIN_TLS_VERIFY_HOSTS = * REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS = * Somewhere at the beginning of /etx/exim4/exim4.conf.template? Ciao Dominik ^_^ ^_^ -- Dominik Vogt -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/