[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Exim4 & SSL support

Josep Serrano ha scritto:

Hi Marco

It doesn't matter if you are using either heavy or light packages. You need to
enable the macro MAIN_TLS_ENABLE somwhere in your configuration files. It depends if
you are using monolitic or distributed configuration.

Read the file in /etc/exim4/conf.d/main/03_exim4_config_tlsoptions and you'll see
this macro enables the rest of the TLS options.

Then you need to create a set of SSL keys with openssl. You can use the utility
script exim-gencert for this purpose.

One last important thing, check that the user running your SMTP daemon has read
access to your SSL keys.


Regards,
Josep SERRANO



I have exim4-daemon-heavy (v. 4.50-8)  installed on my Linux Box with
Debian Sarge.

Can exim4 work with SSL support (port 465)?


Hi Josep,
I have this in my /etc/exim4/exim4.conf.template file:

log_selector = +tls_cipher +tls_peerdn
tls_advertise_hosts = *
tls_certificate = /etc/ssl/certs/exim4cert.pem
tls_privatekey = /etc/ssl/certs/exim4key.pem
When exim is started, if I try a netstat -punta |grep exim4 command I have this output : tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 3781/exim4 
Exim don't use the port 465 (for smtps).
Infact, if I try to connect with an TLS encryption is OK, but if I try to connect with an SSL encryption (on port 25) 
the connection fail.

Any idea?

Thanks
Marco
Reply to: