exim-tls just says "no, stupid!"

me: this should be easy.
exim-tls: no, you stupid moron!
me: isn't this fun?

On Sun, Jun 15, 2003 at 10:42:45PM -0700, Vineet Kumar wrote:
> * Will Trillich (will@serensoft.com) [030615 22:14]:
> > i've been fencing with exim-tls and am at the cusp of
> > surrendering. i hear that i could use a vpn to allow my
> > emailers to connect securely and send/receive email that
> > way, without having to wrestle exim to do the tls that's
> > supposed to be so simple...
> Hold it right there.  There's no way that setting up VPN
> clients for all of your clients will be easier than setting up
> exim-tls.  I just thought I'd warn you before you go pulling
> on the VPN rope that it's much easier to hang yourself with
> that than with tls/smtp.

probably. but with my luck, i'll get the most difficult thing to
work with the greatest of ease, while the easy approach always
defeats me. but i'll try again--

> What problems have you faced trying to get exim-tls up and
> running?  I can share my config if you need it.

well, when i have the tls options enabled, eudora and outhouse
excess both claim the server doesn't speak ssl/tls -- and
sniffit shows only "EHLO <hostname>" and "QUIT" from the client,
even tho telnetting in to port 25 (smtp) shows "STARTTLS" as an

(certificate and public key seem okay; i'm even able to grok the
syntax to have an authenticator pull password fields out of a
"htpasswd"-created file...)

i even involved my favorite guru in on the debugging, too; we
have the exim book, heartened by the scenario at the bottom of
page 355; we tried changing things one-line-at-a-time in
exim.conf to see if we could track it down; and we were defeated
after about forty-six cumulative, and embarrassingly fruitless,
hours of trying.

very much NOT enjoyable.

but i haven't tried the ideas in the recently-posted url showing
an exim/tls step-by-step. i'm gonna do that next, and then i'll
be back when it doesn't work.

(not to mention what machinations i have to do to the windo~1
client software to get it to grok tls correctly...)

if you'd like to share your setup, i'd love to see it,
particularly if you annotate some of what's going on for the
befuzzled-about-tls out there (like me).
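
The symptom described in the message above (STARTTLS visible over telnet, yet the client sends only EHLO and QUIT) can be checked from the client's side. The following is an added example, not part of the original message or anyone's posted config: it parses a raw EHLO reply as seen in telnet or a sniffer capture, and probes what a server offers to the machine the script runs on. The host names and both sample replies are constructed; `parse_ehlo`, `offers_starttls` and `probe` are hypothetical helper names.

```python
import smtplib
import ssl

# Constructed sample replies (not captured from any real server).
REPLY_FROM_SERVER_SHELL = """250-mail.example.org Hello localhost [127.0.0.1]
250-SIZE
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP"""
REPLY_SEEN_BY_CLIENT = """250-mail.example.org Hello pc.example.org [192.0.2.10]
250-SIZE
250-PIPELINING
250 HELP"""

def parse_ehlo(reply: str) -> dict:
    """Turn a raw multi-line EHLO reply into {KEYWORD: [params]}."""
    ext = {}
    lines = [ln for ln in reply.splitlines() if ln.strip()]
    for ln in lines[1:]:                  # line 1 is the greeting, not an extension
        if ln[:3] != "250" or ln[3:4] not in ("-", " "):
            continue                      # skip anything that is not a 250 reply line
        words = ln[4:].split()
        if words:
            ext[words[0].upper()] = words[1:]
    return ext

def offers_starttls(reply: str) -> bool:
    return "STARTTLS" in parse_ehlo(reply)

def probe(host: str, port: int = 25, timeout: float = 10.0) -> dict:
    """Run on the mail client's machine: Exim can limit which hosts are
    offered STARTTLS (tls_advertise_hosts), so the answer depends on the peer."""
    result = {"offered": False, "tls_version": None, "error": None}
    s = smtplib.SMTP(host, port, timeout=timeout)
    try:
        s.ehlo()
        result["offered"] = s.has_extn("starttls")
        if result["offered"]:
            ctx = ssl.create_default_context()
            ctx.check_hostname = False    # diagnostic only: accept a self-signed
            ctx.verify_mode = ssl.CERT_NONE  # cert so the handshake itself is tested
            s.starttls(context=ctx)
            result["tls_version"] = s.sock.version()
    except (smtplib.SMTPException, ssl.SSLError, OSError) as exc:
        result["error"] = repr(exc)
    finally:
        s.close()
    return result
```

`probe` sends no mail and no credentials. Comparing its result on the server itself with its result on the client machine separates "STARTTLS is not advertised to this host" from "the handshake fails".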

