Bug#515999: exim4-config: Uses all ca-certificates by default
Mark Brown
broonie at debian.org
Wed Feb 18 18:27:30 UTC 2009
Package: exim4-config
Version: 4.69-9
Severity: normal
By default exim4-config includes all certificates ca-certificates installs
in /etc/ssl/certs/ca-certificates.crt. This causes interoperability with
a number of mail clients, primarily Microsoft ones, which get upset when
a very large number of certificates are included in the initial greeting
(I suspect in an effort to avoid overflows) and terminate SSL negotiations.
For maximum interoperability a safer default should be chosen, such as
not using any certificates or using a separate store in /etc/exim (like
the default certificate files).
-- Package-specific info:
Exim version 4.69 #1 built 30-Sep-2008 18:26:44
Copyright (c) University of Cambridge 2006
Berkeley DB: Berkeley DB 4.6.21: (September 27, 2007)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning Old_Demime
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite
Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated
-- System Information:
Debian Release: 5.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.20.3-bytemark-uml-2
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages exim4-config depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy
exim4-config recommends no packages.
exim4-config suggests no packages.
-- debconf information excluded
More information about the Pkg-exim4-maintainers
mailing list