Martin A. Brooks
2015-06-08 07:52:17 UTC
Hello
Exim 4.84 has a configuration option called hosts_verify_avoid_tls. This
controls whether or not specific hosts for which TLS should never be
attempted when performing recipient callout checks. This option is not
available when using exim4-daemon-heavy. I think this may be unintended.
At lines 125..128 in src/transports/smtp.c we see:
#ifdef SUPPORT_TLS
{ "hosts_verify_avoid_tls", opt_stringptr,
(void *)offsetof(smtp_transport_options_block,
hosts_verify_avoid_tls) },
#endif
As near as I can work out, SUPPORT_TLS is not set for exim4-daemon-heavy,
but USE_GNUTLS is. Thus we get most of the tls options available, but not
this one.
The upshot of this is, as packaged, one cannot do recipient verification
with remote hosts for which TLS is required. Have I overlooked some
obvious reason why this option is not available?
Regards
Martin A. Brooks
Exim 4.84 has a configuration option called hosts_verify_avoid_tls. This
controls whether or not specific hosts for which TLS should never be
attempted when performing recipient callout checks. This option is not
available when using exim4-daemon-heavy. I think this may be unintended.
At lines 125..128 in src/transports/smtp.c we see:
#ifdef SUPPORT_TLS
{ "hosts_verify_avoid_tls", opt_stringptr,
(void *)offsetof(smtp_transport_options_block,
hosts_verify_avoid_tls) },
#endif
As near as I can work out, SUPPORT_TLS is not set for exim4-daemon-heavy,
but USE_GNUTLS is. Thus we get most of the tls options available, but not
this one.
The upshot of this is, as packaged, one cannot do recipient verification
with remote hosts for which TLS is required. Have I overlooked some
obvious reason why this option is not available?
Regards
Martin A. Brooks