[Pkg-exim4-users] configuring exim4 smtp to use SSL

Nick Guerette nick at mosaic-industries.com
Mon Mar 16 20:18:48 UTC 2015


On 3/15/2015 8:20 PM, Gary Dale wrote:
> I did add tls_on_connect_ports = 465 to exim4.conf.localmacros, which 
> is supposed to cover the SSL on connect issue.
The option tls_on_connect_ports is for incoming connections to your 
server, from clients that do not support STARTTLS.  In order to enable 
the use of TLS on connect, or "SMTPS" when sending outgoing messages 
from your server through another SMTP server (smarthost) you need to add 
the following to the remote_smtp_smarthost section of the exim4 config 
file template(s) - either /etc/exim4/exim4.conf.template or 
/etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost (in my 
case, Debian Jessie; do not know if it's changed from Wheezy), and 
regenerate the config file with dpkg-reconfigure:

   protocol = smtps

See the description of the "protocol" option here: 
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_smtp_transport.html

This took me a day or two to figure out.  "SMTPS" was deprecated so hard 
that port 465 was officially reassigned, but it seems common for ISPs to 
still run SMTP servers that do not support STARTTLS.



More information about the Pkg-exim4-users mailing list