Re: exim4 as a smarthost with TLS

To: debian-user@lists.debian.org
Subject: Re: exim4 as a smarthost with TLS
From: Reco <recoverym4n@enotuniq.net>
Date: Fri, 30 Jul 2021 19:25:34 +0300
Message-id: <[🔎] E1m9VKI-0004QT-Jk@enotuniq.net>
In-reply-to: <[🔎] 9eda91c1-b4b3-2821-8e48-23aee9d5852b@cegetel.net>
References: <[🔎] 9eda91c1-b4b3-2821-8e48-23aee9d5852b@cegetel.net>

	Hi.

On Fri, Jul 30, 2021 at 03:35:28PM +0200, rudu wrote:
> Still, a simple :
> $ mail -s test my.name@provider.fr
> ... ends up to show in # tail -f /var/log/exim4/mainlog :
> 2021-07-30 10:58:09 1m9OLJ-000cAf-Ss <= my.name@provider.fr U=rudu P=local S=461
> 2021-07-30 10:58:10 1m9OLJ-000cAf-Ss == my.name@provider.fr R=smarthost T=remote_smtp_smarthost defer (-37) H=smtpauth.provider.fr [185.204.xxx.xxx]: TLS
> session: (certificate verification failed): certificate invalid

Your exim certificate has nothing to do with this.
But your smarthost certificate certainly does.

Every time you try to send a mail, your exim checks certificate of
remote MTA, and it does not like what it sees.

> So, when I ran the command :
> # bash /usr/share/doc/exim4-base/examples/exim-gencert
> ... did I miss something that should be there ?

It's possible. Please provide an output of:

grep -i 'tls_.*verify' /var/lib/exim4/config.autogenerated

grep split exim4/update-exim4.conf.conf

Reco

Reply to:

Follow-Ups:
- Re: exim4 as a smarthost with TLS
  - From: Reco <recoverym4n@enotuniq.net>

References:
- exim4 as a smarthost with TLS
  - From: rudu <rudu@cegetel.net>

Prev by Date: Re: bash syntax
Next by Date: Re: exim4 as a smarthost with TLS
Previous by thread: exim4 as a smarthost with TLS
Next by thread: Re: exim4 as a smarthost with TLS
Index(es):
- Date
- Thread