On 2019-01-06 6:44 p.m., Gary Dale via Exim-users wrote:
On 2019-01-06 2:51 p.m., Jeremy Harris wrote:
On 06/01/2019 19:34, Gary Dale via Exim-users wrote:
You've missed the point. My e-mail smarthost uses 587 for unencrypted
connections but 465 for encrypted. Using Thunderbird with ssl/tls on
port 465 works. It's the Exim4 (encrypted) configuration I need help
with.
Oh, right. You're using Exim as a client here. So it's the transport
configuration that matters:
http://exim.org/exim-html-current/doc/html/spec_html/ch-the_smtp_transport.html#SECID146
For the relevant transport in your config you'll need to
set the "protocol" option to "smtps" to get TLS-on-connect.
Quite where that is in you Debian-derived config I can't tell you.
I'd not be at all surprised if the Debian configurator front-end
knows about the possibility.
Yes. I forgot to mention that I've done that too. I added it to
exim4.conf.template then re-ran the configure and restarted the
service. Still no joy.
Got a connection to the remote host using:
openssl s_client -connect smtp -crlf -connect <sub>.r4l.com:465
From there I was able to login and send an e-mail (once I'd figured
out that I needed to follow the helo with an ehlo). The connection
showed the remote server's certificate information so I think it was
encrypted.
This brings me back to the exim4 configuration. I tried putting
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *
in the exim4.conf.localmacros file so that the section
.ifdef REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS
hosts_require_tls = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS
protocol = smtps
.endif
would be triggered in exim4.conf.template but when I look in
/var/lib/exim4/config.autogenerated, the section is simply copied
(with the enclosing .ifdef...endif) making me wonder if it is being
run. However the line from .localmacros is copied at the top, so it
should be. I guess the file is interpreted rather than simply being
loaded by the exim4 service.
At any rate, I think I've got everything right but I can't get it to
actually send mail...
Any idea?
OK. I have no idea what happened but it's working now. I was watching
TV for a while and when I came back to my computer, the test messages
that had been stuck in my mailq were delivered.
To document what my setup is:
- exim4.conf.template I added this line after .ifdef MAIN_TLS_ENABLE
tls_on_connect_ports = 465
- after the line hosts_require_tls =
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS, I added
protocol = smtps
- exim4.conf.localmacros contains:
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *
AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS = 1
MAIN_TLS_ENABLE = 1
- my update-exim4.conf.conf has the line:
dc_smarthost='<sub>.r4l.com::465'
where <sub> is replace by the actual subdomain/server that r4l.com assigned.
I hope this helps someone in the future.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
