On Sat, Jan 05, 2008 at 09:31:40PM +1100, Andrew McGlashan wrote: > Marc Haber wrote: > >So you only have ssl_on_connect_port=465 in your exim configuration > >and no other port number? And you get a clear text banner when you > >connect to tcp/25 or tcp/587? And you get a banner when you use > >gnutls-cli -p 465 _without_ the -s option? > > www:/tmp# grep ssl_on_connect_port /var/lib/exim4/config.autogenerated > > - so no ssl_on_connect_port entry in my config...
yes, it is ports. Typo. > But I do have the following: > > www:/tmp# grep 587 /var/lib/exim4/config.autogenerated > tls_on_connect_ports=465:587 So you are not using ESMTP STARTTLS on tcp/587, which might be a reason why your clients don't work. I am not aware of any software that is broken _that_ badly to use SMTP over SSL on tcp/587. > www:/tmp# gnutls-cli -p 465 127.0.0.1 > Resolving '127.0.0.1'... > Connecting to '127.0.0.1:465'... > - Successfully sent 0 certificate(s) to server. > - Certificate type: X.509 > - Got a certificate list of 1 certificates. > > - Certificate[0] info: > # The hostname in the certificate does NOT match '127.0.0.1'. > # valid since: Thu Oct 25 21:11:06 EST 2007 > # expires at: Sun Oct 22 22:11:06 EST 2017 > # fingerprint: F6:9D:DB:E5:BC:EA:59:CC:F4:81:0A:D1:56:81:11:1E > # Subject's DN: CN=mail.affinityvision.com.au > # Issuer's DN: CN=Affinity Vision Australia Pty Ltd > > > - Peer's certificate issuer is unknown > - Peer's certificate is NOT trusted > - Version: TLS 1.0 > - Key Exchange: DHE RSA > - Cipher: AES 256 CBC > - MAC: SHA > - Compression: NULL > - Handshake was completed > > - Simple Client Mode: > > 220 mail.affinityvision.com.au ESMTP Exim 4.63 Sat, 05 Jan 2008 21:23:56 > +1100 That looks as properly configured as SMTP over SSL on tcp/465 can be. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
