Bug#677826: TLS certificate not used for smarthost transport by default
Andreas Metzler
ametzler at downhill.at.eu.org
Sun Jun 17 07:05:28 UTC 2012
On 2012-06-17 Ben Hutchings <ben at decadent.org.uk> wrote:
> Package: exim4-config
> Version: 4.80-3
> Severity: normal
> Tags: patch
> The configured (or default) TLS certificate and private key are not
> used for a smarthost transport.
> The following patch fixes this for me, but I don't know that it is
> generally correct. By the point this fragment is read all the
> MAIN_TLS_* macros seem to become undefined. The patch defines some of
> them again, but I think it can only work for the default certificate
> and private key locations. I don't know whether the disappearing
> macros are a bug in exim4 itself or a subtlety of scoping in the
> configuration file. Either way, it's very confusing.
[...]
Hello Ben,
I think there might be a misunderstanding. Exim has separate settings for
configuring TLS as listening daemon and for outgoing connections.
Almost every[1] single *tls* _main_ configuration option (incoming
connections) has a corresponding setting for the smtp transport
(outgoing connections).
The Debian configuration does the same, MAIN_TLS_* sets the changes
the respective main TLS setting with no effect on the transport
option.
cu andreas
[1] Except for gnutls_compat_mode which is deprecated anyway and
tls_advertise_hosts.
More information about the Pkg-exim4-maintainers
mailing list