Re: configuring exim4 smtp to use SSL [SOLVED]
Gary Dale wrote on 03/24/2015 04:49: snip The problem seems to have been the location of the protocol = smtps line. I had it originally in /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost. Moving it to /etc/exim4/exim4.conf.template seems to have done the trick. Didn't think of that. In order to see which configuration is actually used, I think, one should check the automatically generated file /var/lib/exim4/config.autogenerated . -- Regards, jvp. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/mermht$tv0$1...@ger.gmane.org
Re: configuring exim4 smtp to use SSL [SOLVED]
On 17/03/15 10:38 AM, Gary Dale wrote: On 17/03/15 01:30 AM, David Wright wrote: Quoting Gary Dale (garyd...@torfree.net): On 16/03/15 12:37 PM, Brian wrote: On Mon 16 Mar 2015 at 10:46:25 -0500, David Wright wrote: Quoting James (bjloc...@lockie.ca): You can't telnet to an ssl port. Use: openssl s_client -connect [IP]:smtps I'm sorry if I muddied the waters by suggesting using telnet. I find it a useful tool to quickly test whether I can reach a port, whether anything is listening, and whether the response is the same as I got last time/when things were working, even if that response is to connect for a few seconds and then disconnect (like 80 does). And I can get the results from ten differnet ports in one screenful of text. A slight mistake; but now the OP is back on the right track all he should have to do is issue the helo, mail from:, rcpt to: and data commands to test whether sending mail is possible. If it is he can then take a closer look at his exim setup. OK, following the doc at http://www.debianhelp.co.uk/mail.htm, I could enter: HELO my domain I always use EHLO but have no idea if it makes a difference. MAIL FROM account@mydomain but things get interesting when I enter the rcpt to: RCPT TO: g...@extremeground.com Shouldn't that be in according to rfc2821? I just tried it with EHLO and using RCPT TO: g...@extremeground.com and got the same result. The problem seems to have been the location of the protocol = smtps line. I had it originally in /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost. Moving it to /etc/exim4/exim4.conf.template seems to have done the trick. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5510dec1.6070...@torfree.net
Re: configuring exim4 smtp to use SSL
On Sat, Mar 14, 2015 at 08:48:37PM -0500, David Wright wrote: Is it worth telnetting the port to check that it supports what you think it does. For example, from several years ago: Check out swaks. It is a debug SMTP client which can do more sophisticated things than you can via telnet. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150317093222.ga8...@chew.redmars.org
Re: configuring exim4 smtp to use SSL
On Tue 17 Mar 2015 at 00:30:38 -0500, David Wright wrote: Quoting Gary Dale (garyd...@torfree.net): OK, following the doc at http://www.debianhelp.co.uk/mail.htm, I could enter: HELO my domain I always use EHLO but have no idea if it makes a difference. EHLO allows the client to discover whether the server supports ESMTP. If it does not it will revert to HELO behaviour. MAIL FROM account@mydomain but things get interesting when I enter the rcpt to: RCPT TO: g...@extremeground.com Shouldn't that be in according to rfc2821? Probably best to put them in, although there are servers which are not too picky. Leaving off often gets an error message. RENEGOTIATING depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority verify error:num=20:unable to get local issuer certificate verify return:0 After that, I can't enter DATA. It says 503 valid RCPT command must precede DATA Yes, until you see a 250 from RCPT TO: it hasn't been accepted. I've tried a few different RCPT TO: addresses but I get the same result. Also tried using the ISP's mail server's domain in the HELO with the same results. I tried creating a local certificate and updating the exim4.conf.template with MAIN_TLS_ENABLE = yes but that didn't help either. I don't think those verify items above are necessarily a problem in themselves. Your sequence of commands (with the changes I suggested) worked for me. They can work for me too. But only when I'm on the same network as the server. Then I suppose I'm trusted. I hope the OP is diligently reading all the mails on -user. A couple today in https://lists.debian.org/debian-user/2015/03/msg00645.html might interest him. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/17032015114224.94ae556ae...@desktop.copernicus.demon.co.uk
Re: configuring exim4 smtp to use SSL
On 17/03/15 01:30 AM, David Wright wrote: Quoting Gary Dale (garyd...@torfree.net): On 16/03/15 12:37 PM, Brian wrote: On Mon 16 Mar 2015 at 10:46:25 -0500, David Wright wrote: Quoting James (bjloc...@lockie.ca): You can't telnet to an ssl port. Use: openssl s_client -connect [IP]:smtps I'm sorry if I muddied the waters by suggesting using telnet. I find it a useful tool to quickly test whether I can reach a port, whether anything is listening, and whether the response is the same as I got last time/when things were working, even if that response is to connect for a few seconds and then disconnect (like 80 does). And I can get the results from ten differnet ports in one screenful of text. A slight mistake; but now the OP is back on the right track all he should have to do is issue the helo, mail from:, rcpt to: and data commands to test whether sending mail is possible. If it is he can then take a closer look at his exim setup. OK, following the doc at http://www.debianhelp.co.uk/mail.htm, I could enter: HELO my domain I always use EHLO but have no idea if it makes a difference. MAIL FROM account@mydomain but things get interesting when I enter the rcpt to: RCPT TO: g...@extremeground.com Shouldn't that be in according to rfc2821? I just tried it with EHLO and using RCPT TO: g...@extremeground.com and got the same result. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55083c79.5080...@torfree.net
Re: configuring exim4 smtp to use SSL
On 16/03/15 12:37 PM, Brian wrote: On Mon 16 Mar 2015 at 10:46:25 -0500, David Wright wrote: Quoting James (bjloc...@lockie.ca): You can't telnet to an ssl port. Use: openssl s_client -connect [IP]:smtps I'm sorry if I muddied the waters by suggesting using telnet. I find it a useful tool to quickly test whether I can reach a port, whether anything is listening, and whether the response is the same as I got last time/when things were working, even if that response is to connect for a few seconds and then disconnect (like 80 does). And I can get the results from ten differnet ports in one screenful of text. A slight mistake; but now the OP is back on the right track all he should have to do is issue the helo, mail from:, rcpt to: and data commands to test whether sending mail is possible. If it is he can then take a closer look at his exim setup. OK, following the doc at http://www.debianhelp.co.uk/mail.htm, I could enter: HELO my domain MAIL FROM account@mydomain but things get interesting when I enter the rcpt to: RCPT TO: g...@extremeground.com RENEGOTIATING depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority verify error:num=20:unable to get local issuer certificate verify return:0 After that, I can't enter DATA. It says 503 valid RCPT command must precede DATA I've tried a few different RCPT TO: addresses but I get the same result. Also tried using the ISP's mail server's domain in the HELO with the same results. I tried creating a local certificate and updating the exim4.conf.template with MAIN_TLS_ENABLE = yes but that didn't help either. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5507a658.2070...@torfree.net
Re: configuring exim4 smtp to use SSL
Quoting James (bjloc...@lockie.ca): You can't telnet to an ssl port. Use: openssl s_client -connect [IP]:smtps I'm sorry if I muddied the waters by suggesting using telnet. I find it a useful tool to quickly test whether I can reach a port, whether anything is listening, and whether the response is the same as I got last time/when things were working, even if that response is to connect for a few seconds and then disconnect (like 80 does). And I can get the results from ten differnet ports in one screenful of text. Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150316154625.ga7...@alum.home
Re: configuring exim4 smtp to use SSL
On Mon 16 Mar 2015 at 10:46:25 -0500, David Wright wrote: Quoting James (bjloc...@lockie.ca): You can't telnet to an ssl port. Use: openssl s_client -connect [IP]:smtps I'm sorry if I muddied the waters by suggesting using telnet. I find it a useful tool to quickly test whether I can reach a port, whether anything is listening, and whether the response is the same as I got last time/when things were working, even if that response is to connect for a few seconds and then disconnect (like 80 does). And I can get the results from ten differnet ports in one screenful of text. A slight mistake; but now the OP is back on the right track all he should have to do is issue the helo, mail from:, rcpt to: and data commands to test whether sending mail is possible. If it is he can then take a closer look at his exim setup. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/16032015163318.39d5d5e9a...@desktop.copernicus.demon.co.uk
Re: configuring exim4 smtp to use SSL
Quoting Gary Dale (garyd...@torfree.net): On 16/03/15 12:37 PM, Brian wrote: On Mon 16 Mar 2015 at 10:46:25 -0500, David Wright wrote: Quoting James (bjloc...@lockie.ca): You can't telnet to an ssl port. Use: openssl s_client -connect [IP]:smtps I'm sorry if I muddied the waters by suggesting using telnet. I find it a useful tool to quickly test whether I can reach a port, whether anything is listening, and whether the response is the same as I got last time/when things were working, even if that response is to connect for a few seconds and then disconnect (like 80 does). And I can get the results from ten differnet ports in one screenful of text. A slight mistake; but now the OP is back on the right track all he should have to do is issue the helo, mail from:, rcpt to: and data commands to test whether sending mail is possible. If it is he can then take a closer look at his exim setup. OK, following the doc at http://www.debianhelp.co.uk/mail.htm, I could enter: HELO my domain I always use EHLO but have no idea if it makes a difference. MAIL FROM account@mydomain but things get interesting when I enter the rcpt to: RCPT TO: g...@extremeground.com Shouldn't that be in according to rfc2821? RENEGOTIATING depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority verify error:num=20:unable to get local issuer certificate verify return:0 After that, I can't enter DATA. It says 503 valid RCPT command must precede DATA Yes, until you see a 250 from RCPT TO: it hasn't been accepted. I've tried a few different RCPT TO: addresses but I get the same result. Also tried using the ISP's mail server's domain in the HELO with the same results. I tried creating a local certificate and updating the exim4.conf.template with MAIN_TLS_ENABLE = yes but that didn't help either. I don't think those verify items above are necessarily a problem in themselves. Your sequence of commands (with the changes I suggested) worked for me. Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150317053038.ga23...@alum.home
Re: configuring exim4 smtp to use SSL
On 15/03/15 05:32 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/15/2015 04:26: snip I can telnet to both 26 and 465. I get three 220 lines when I connect to port 26, including the ESMTP line, but not when I use port 465. When I connect to port 465, I get kicked out if I enter the EHLO or a USER command, etc.. Also on the smtps server my exim4 connects to on port 465, a telnet connection gets immediately kicked out. What output appears now in the log file? If I remove the protocol = smtps line, something ending in ... closed connection in response to initial connection is logged when trying to deliver a mail. To make sure, after changing the configuration files of exim4 you issued the commands update-exim4.conf and something like service exim4 restart ? I get the closed connection message on screen when I'm kicked out from the 465 port. I don't see anything in the logs I've looked at. And yes, I am doing the update and restart when I change the configuration. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55057561.9040...@torfree.net
Re: configuring exim4 smtp to use SSL
Forgot to mention that I'm using jessie with exim4 version 4.84-8. -- Regards, jvp. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/me46qp$6ek$1...@ger.gmane.org
Re: configuring exim4 smtp to use SSL
On 03/15/2015 08:04 AM, Gary Dale wrote: On 15/03/15 05:32 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/15/2015 04:26: snip I can telnet to both 26 and 465. I get three 220 lines when I connect to port 26, including the ESMTP line, but not when I use port 465. When I connect to port 465, I get kicked out if I enter the EHLO or a USER command, etc.. Also on the smtps server my exim4 connects to on port 465, a telnet connection gets immediately kicked out. What output appears now in the log file? If I remove the protocol = smtps line, something ending in ... closed connection in response to initial connection is logged when trying to deliver a mail. To make sure, after changing the configuration files of exim4 you issued the commands update-exim4.conf and something like service exim4 restart ? I get the closed connection message on screen when I'm kicked out from the 465 port. I don't see anything in the logs I've looked at. And yes, I am doing the update and restart when I change the configuration. You can't telnet to an ssl port. Use: openssl s_client -connect [IP]:smtps -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5505b08c.2030...@lockie.ca
Re: configuring exim4 smtp to use SSL
Gary Dale wrote on 03/15/2015 04:26: snip I can telnet to both 26 and 465. I get three 220 lines when I connect to port 26, including the ESMTP line, but not when I use port 465. When I connect to port 465, I get kicked out if I enter the EHLO or a USER command, etc.. Also on the smtps server my exim4 connects to on port 465, a telnet connection gets immediately kicked out. What output appears now in the log file? If I remove the protocol = smtps line, something ending in ... closed connection in response to initial connection is logged when trying to deliver a mail. To make sure, after changing the configuration files of exim4 you issued the commands update-exim4.conf and something like service exim4 restart ? -- Regards, jvp. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/me3jjt$6no$1...@ger.gmane.org
Re: configuring exim4 smtp to use SSL
On 14/03/15 09:48 PM, David Wright wrote: Quoting Gary Dale (garyd...@torfree.net): On 14/03/15 09:34 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/14/2015 06:00: snip I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which is supposed to cover the SSL on connect issue. Besides the dc_smarthost addition ::465, I added protocol = smtps in the transport/30_exim4-config_remote_smtp_smarthost section and didn't change tls_on_connect_ports. Don't know if this works when adding it in exim4.conf.localmacros (maybe you try that first?). Also, don't forget to add an appropriate entry in passwd.client. Ignore previous e-mail. It didn't work. Tried it with and without the tls_on_connect_ports line in local_macros. Also, the entry in passwd.client would be the same as for the unencrypted connection, unless I'm missing something. Is it worth telnetting the port to check that it supports what you think it does. For example, from several years ago: $ telnet smtp.lionunicorn.co.uk 25 ← Trying 149.255.58.10... Connected to smtp.lionunicorn.co.uk. Escape character is '^]'. 220 cloud11.unlimitedwebhosting.co.uk ESMTP ehlo me.here ← 250-cloud11.unlimitedwebhosting.co.uk 250-AUTH=LOGIN CRAM-MD5 PLAIN 250-AUTH LOGIN CRAM-MD5 PLAIN 250-STARTTLS 250-PIPELINING 250 8BITMIME ^] ← telnet quit ← Connection closed. I typed these lines. ← Cheers, David. I can telnet to both 26 and 465. I get three 220 lines when I connect to port 26, including the ESMTP line, but not when I use port 465. When I connect to port 465, I get kicked out if I enter the EHLO or a USER command, etc.. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5504fbf1.1080...@torfree.net
Re: configuring exim4 smtp to use SSL
On 14/03/15 11:08 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/14/2015 15:46: On 14/03/15 09:34 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/14/2015 06:00: snip I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which is supposed to cover the SSL on connect issue. Besides the dc_smarthost addition ::465, I added protocol = smtps in the transport/30_exim4-config_remote_smtp_smarthost section and didn't change tls_on_connect_ports. Don't know if this works when adding it in exim4.conf.localmacros (maybe you try that first?). Also, don't forget to add an appropriate entry in passwd.client. Ignore previous e-mail. It didn't work. Tried it with and without the tls_on_connect_ports line in local_macros. As far as I understand the documentation, tls_on_connect_ports regards clients connecting to your exim4 server. Perhaps. I read it as my exim4 client connecting to a poorly-configured remote smarthost. Also, the entry in passwd.client would be the same as for the unencrypted connection, unless I'm missing something. Take a look into the log file. In my case the server exim4 tries to connect to, does answer with another server name than the one given in dc_smarthost. I therefore added a line with the name of the responding server and same username and password. I considered that (previous experience with google) and used *.com in the passwd.client line since I just have the one server I'm connecting to. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5504f776.1010...@torfree.net
Re: configuring exim4 smtp to use SSL
Quoting Gary Dale (garyd...@torfree.net): On 14/03/15 09:34 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/14/2015 06:00: snip I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which is supposed to cover the SSL on connect issue. Besides the dc_smarthost addition ::465, I added protocol = smtps in the transport/30_exim4-config_remote_smtp_smarthost section and didn't change tls_on_connect_ports. Don't know if this works when adding it in exim4.conf.localmacros (maybe you try that first?). Also, don't forget to add an appropriate entry in passwd.client. Ignore previous e-mail. It didn't work. Tried it with and without the tls_on_connect_ports line in local_macros. Also, the entry in passwd.client would be the same as for the unencrypted connection, unless I'm missing something. Is it worth telnetting the port to check that it supports what you think it does. For example, from several years ago: $ telnet smtp.lionunicorn.co.uk 25 ← Trying 149.255.58.10... Connected to smtp.lionunicorn.co.uk. Escape character is '^]'. 220 cloud11.unlimitedwebhosting.co.uk ESMTP ehlo me.here ← 250-cloud11.unlimitedwebhosting.co.uk 250-AUTH=LOGIN CRAM-MD5 PLAIN 250-AUTH LOGIN CRAM-MD5 PLAIN 250-STARTTLS 250-PIPELINING 250 8BITMIME ^] ← telnet quit ← Connection closed. I typed these lines. ← Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150315014837.ga2...@alum.home
Re: configuring exim4 smtp to use SSL
Gary Dale wrote on 03/14/2015 06:00: snip I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which is supposed to cover the SSL on connect issue. Besides the dc_smarthost addition ::465, I added protocol = smtps in the transport/30_exim4-config_remote_smtp_smarthost section and didn't change tls_on_connect_ports. Don't know if this works when adding it in exim4.conf.localmacros (maybe you try that first?). Also, don't forget to add an appropriate entry in passwd.client. -- Regards, jvp. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/me1dc8$g3l$1...@ger.gmane.org
Re: configuring exim4 smtp to use SSL
On 14/03/15 09:34 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/14/2015 06:00: snip I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which is supposed to cover the SSL on connect issue. Besides the dc_smarthost addition ::465, I added protocol = smtps in the transport/30_exim4-config_remote_smtp_smarthost section and didn't change tls_on_connect_ports. Don't know if this works when adding it in exim4.conf.localmacros (maybe you try that first?). Also, don't forget to add an appropriate entry in passwd.client. Adding protocol = smtps worked. It had to be added to the transport/30_exim4-config_remote_smtp_smarthost file. Local_macros wouldn't take it. Thanks! -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55044806.2090...@torfree.net
Re: configuring exim4 smtp to use SSL
Gary Dale wrote on 03/14/2015 15:46: On 14/03/15 09:34 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/14/2015 06:00: snip I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which is supposed to cover the SSL on connect issue. Besides the dc_smarthost addition ::465, I added protocol = smtps in the transport/30_exim4-config_remote_smtp_smarthost section and didn't change tls_on_connect_ports. Don't know if this works when adding it in exim4.conf.localmacros (maybe you try that first?). Also, don't forget to add an appropriate entry in passwd.client. Ignore previous e-mail. It didn't work. Tried it with and without the tls_on_connect_ports line in local_macros. As far as I understand the documentation, tls_on_connect_ports regards clients connecting to your exim4 server. Also, the entry in passwd.client would be the same as for the unencrypted connection, unless I'm missing something. Take a look into the log file. In my case the server exim4 tries to connect to, does answer with another server name than the one given in dc_smarthost. I therefore added a line with the name of the responding server and same username and password. -- Regards, jvp. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/me1it5$3k7$1...@ger.gmane.org
Re: configuring exim4 smtp to use SSL
On 14/03/15 09:34 AM, Jörg-Volker Peetz wrote: Gary Dale wrote on 03/14/2015 06:00: snip I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which is supposed to cover the SSL on connect issue. Besides the dc_smarthost addition ::465, I added protocol = smtps in the transport/30_exim4-config_remote_smtp_smarthost section and didn't change tls_on_connect_ports. Don't know if this works when adding it in exim4.conf.localmacros (maybe you try that first?). Also, don't forget to add an appropriate entry in passwd.client. Ignore previous e-mail. It didn't work. Tried it with and without the tls_on_connect_ports line in local_macros. Also, the entry in passwd.client would be the same as for the unencrypted connection, unless I'm missing something. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/550449bb.6020...@torfree.net
Re: configuring exim4 smtp to use SSL
On Sex, 13 Mar 2015, Gary Dale wrote: My update-exim4.conf.conf file is (replacing remote host name with the actual name). If dc_smarthost has the port set to 26, mail gets sent. However with it set to 465, it stays in the mailq. dc_eximconfig_configtype='smarthost' dc_other_hostnames='' dc_local_interfaces='127.0.0.1' dc_readhost='remote host name' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='remote host name:465' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='false' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' Any ideas? What do the logs say? Also, port 465 is SSL on connect, you probably need to tell exim that. (Or convince the remote server administrators do move to STARTTLS on port 587.) -- Eduardo M KALINOWSKI edua...@kalinowski.com.br -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150313171942.horde.1_hyfk6bw9dce5sgn_b7...@mail.kalinowski.com.br
Re: configuring exim4 smtp to use SSL
Quoting Gary Dale (garyd...@torfree.net): I'm running a Wheezy/64 server and am trying to get exim4 to send e-mail using an SSL connection. My current configuration works when I use their normal smtp port (which is 26, not 25) but fails when I use their smtp/SSL port (465). However Thunderbird is able to send e-mail from workstations to the same server using port 465 and have SSL/TLS identified as the connection security. My update-exim4.conf.conf file is (replacing remote host name with the actual name). If dc_smarthost has the port set to 26, mail gets sent. However with it set to 465, it stays in the mailq. dc_eximconfig_configtype='smarthost' dc_other_hostnames='' dc_local_interfaces='127.0.0.1' dc_readhost='remote host name' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='remote host name:465' Two colons please, not one. CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='false' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' Cheers, David. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150313172855.ga5...@alum.home
Re: configuring exim4 smtp to use SSL
On 13/03/15 01:19 PM, Eduardo M KALINOWSKI wrote: On Sex, 13 Mar 2015, Gary Dale wrote: My update-exim4.conf.conf file is (replacing remote host name with the actual name). If dc_smarthost has the port set to 26, mail gets sent. However with it set to 465, it stays in the mailq. dc_eximconfig_configtype='smarthost' dc_other_hostnames='' dc_local_interfaces='127.0.0.1' dc_readhost='remote host name' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='remote host name:465' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='false' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' Any ideas? What do the logs say? Also, port 465 is SSL on connect, you probably need to tell exim that. (Or convince the remote server administrators do move to STARTTLS on port 587.) I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which is supposed to cover the SSL on connect issue. The log for an unsuccessful mail says: 2015-03-14 00:47:44 1YWdzE-l6-CR = sending e-mail address U=garydale P=local S=1665 2015-03-14 00:47:44 1YWdzE-l6-CR ** -r@localhost: Unrouteable address 2015-03-14 00:47:44 1YWdzE-l6-CR ** g...@extremeground.com R=smarthost T=remote_smtp_smarthost: retry time not reached for any host after a long failure period 2015-03-14 00:47:44 1YWdzE-l6-CR ** sending e-mail address R=smarthost T=remote_smtp_smarthost: retry time not reached for any host after a long failure period 2015-03-14 00:47:44 1YWdzE-lB-Ik = R=1YWdzE-l6-CR U=Debian-exim P=local S=2720 2015-03-14 00:47:44 1YWdzE-lB-Ik ** sending e-mail address R=smarthost T=remote_smtp_smarthost: retry time not reached for any host after a long failure period 2015-03-14 00:47:44 1YWdzE-lB-Ik Frozen (delivery error message) 2015-03-14 00:47:44 1YWdzE-l6-CR Completed I use /etc/email-addresses to change garydale to sending e-mail address. Otherwise the e-mail just bounces. When I change to port 26 and leave everything else the same, the mail goes through. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5503c069.9090...@torfree.net
Re: configuring exim4 smtp to use SSL
On 13/03/15 01:28 PM, David Wright wrote: Quoting Gary Dale (garyd...@torfree.net): I'm running a Wheezy/64 server and am trying to get exim4 to send e-mail using an SSL connection. My current configuration works when I use their normal smtp port (which is 26, not 25) but fails when I use their smtp/SSL port (465). However Thunderbird is able to send e-mail from workstations to the same server using port 465 and have SSL/TLS identified as the connection security. My update-exim4.conf.conf file is (replacing remote host name with the actual name). If dc_smarthost has the port set to 26, mail gets sent. However with it set to 465, it stays in the mailq. dc_eximconfig_configtype='smarthost' dc_other_hostnames='' dc_local_interfaces='127.0.0.1' dc_readhost='remote host name' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='remote host name:465' Two colons please, not one. CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='false' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' Cheers, David. Yes, typo when I removed the actual name. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5503b774.8080...@torfree.net