[Pkg-exim4-users] Option "hosts_verify_avoid_tls" perhaps inadvertantly disabled

Marc Haber mh+pkg-exim4-users at zugschlus.de
Mon Jun 8 09:33:27 UTC 2015


Hi,

thanks for your report and your analysis.

On Mon, Jun 08, 2015 at 08:52:17AM +0100, Martin A. Brooks wrote:
> Exim 4.84 has a configuration option called hosts_verify_avoid_tls.  This
> controls whether or not specific hosts for which TLS should never be
> attempted when performing recipient callout checks. This option is not
> available when using exim4-daemon-heavy.   I think this may be unintended.
> 
> At lines 125..128 in src/transports/smtp.c we see:
> 
> #ifdef SUPPORT_TLS
>    { "hosts_verify_avoid_tls", opt_stringptr,
>        (void *)offsetof(smtp_transport_options_block,
> hosts_verify_avoid_tls) },
> #endif
> 
> As near as I can work out, SUPPORT_TLS is not set for exim4-daemon-heavy,
> but USE_GNUTLS is.  Thus we get most of the tls options available, but not
> this one.
> 
> The upshot of this is, as packaged, one cannot do recipient verification
> with remote hosts for which TLS is required.   Have I overlooked some
> obvious reason why this option is not available?

I guess that's an upstream bug. I would like to suggest filling one
with upstream Bugzilla so that it can be fixed upstream.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421



More information about the Pkg-exim4-users mailing list