[Pkg-exim4-users] Exim 4 Help

Marc Haber mh+pkg-exim4-users at zugschlus.de
Thu Feb 2 09:34:16 UTC 2006 

You need to be subscribed to post to this mailing list. This is
documented. I have manually approved your message. Please subscribe
and reply in public.

On Wed, Feb 01, 2006 at 01:35:44PM -0500, Nick Khamis wrote:
> 1. getting port 465 open - When I nmap localhost I don't see port 465 open, 
> should I just open the port using inted or create /etc/xinted/exim file with 
> the ssl-smtp service.

Set SMTPLISTENEROPTIONS='-oX 465:25 -oP /var/run/exim4/exim4.pid' in
/etc/default/exim4 and "tls_on_connect_ports=465" in the main configuration
section.

> 2. when I issue the command telnet loalhost  25 I am getting
> --------------------------------------------------------------------------------
> 250-ms1.symack.com Hello root at ms1.symack.com [127.0.0.1]
> 250-SIZE 20971520
> 250-PIPELINING
> 250-AUTH PLAIN
> 250 HELP
> ------------------------------------------------------------------------------
> I am not getting the STARTTLS

Looks like you have not enabled TLS.

> 3. I am having this error that is killing me in mainlog file
> 2006-01-31 15:29:39 TLS error on connection from ms1.symack.com [192.168.1.11] 
> (no TLS server certificate is specified).
> I have TLS_CERTIFICATE option pointing to the right file

I don't understand this. You have not enabled TLS. Why does your
system look for a certificate?

> 1. What do I need to do in exim.conf to enable TLS
> 2.  "         "   "   "       "  "    for Plain Text AUTH
> 3. How to setup self signed with openssl Certificates and Keys that exim 
> "likes"

Please read the available docs.

> The attachment is my exim.conf file and 
> xinetd.

Running exim from inetd is not natively supported by the Debian
packages.


> .ifdef MAIN_TLS_ENABLE

That Macro is not set in your configuration, so TLS is completely
disabled.

> service exim-ssl
> {
> 	socket_type= stream
> 	protocol	= tcp
> 	port		= 465
> 	user		= root
> 	server		= /usr/bin/exim4
> 	server_args	= -bs -tls-on-connect
> 	wait		= no
> 	}

Ok, so you force a non-tls-enabled exim to to tls on connect. This
explains the certificate issues you might be having.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835

More information about the Pkg-exim4-users mailing list