Does an Exim server advertise STARTTLS by default?
Marc Haber
mh+pkg-exim4-users at zugschlus.de
Thu Sep 14 18:25:30 BST 2023
On Thu, Sep 14, 2023 at 04:03:11PM +0000, u34 at net9.cf wrote:
> Referring to /usr/share/doc/exim4-base/README.Debian.gz:
> Section 2.2.2. TLS support for Exim as server, reads
>
> To enable use of the installed certificates set the macro
> MAIN_TLS_ENABLE in a local configuration file as described in
> Section 2.1.3, "Using Exim Macros to control the configuration".
>
> After this configuration, Exim will advertise STARTTLS when connected
> to on the normal SMTP ports.
>
> I have a difficulty with the word After. In particular, After what? The
> way I understand it, the README states STARTTLS will be advertised after
> setting the macro MAIN_TLS_ENABLE. Which, I think, is wrong. My
> understading is STARTTLS is advertised without setting MAIN_TLS_ENABLEtoo.
> If this is not the case, why bother with the automatic generation of the
> self signed certificate?
You're right. Upstream flipped the default for tls_advertise_hosts years
ago, and you're the first noticing the docs being wrong.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Pkg-exim4-users
mailing list