Hi, Am 22.03.22 um 09:15 schrieb Andreas Barth via Exim-users:
You need to activate MAIN_TLS_ENABLE in a configuration file. Of course, you current way works as well.
Honestly, I think that today, not enabling TLS as default in a mailserver, is a complete no-go and should be changed ASAP by the distro maintainer.
exim isn't exchange, where M$ had the example cipher list reversed, so that SSLv3 was the best cipher they offered :D, but it's an easy to setup config, where working TLS is just 3-4 lines of config and a simple installscripthook to create a default cert. That's not magic.
It may be "ok" for an automatic system reporting some technical data, but also TLS won't hurt there, so it's no excuse for not enabling TLS by default. Not to speak of, that in some parts of the world it is now against data protection laws not to use TLS, if personal data is transported and rl named emailaddresses count as such personal data. (i.E. ยง32 1a EU GDPR)
best regard, Marius -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
