Re: exim4 as a smarthost with TLS

[Reco <recoverym4n@enotuniq.net>]

On Fri, Jul 30, 2021 at 07:25:34PM +0300, Reco wrote:
> 	Hi.
> 
> On Fri, Jul 30, 2021 at 03:35:28PM +0200, rudu wrote:
> > Still, a simple :
> > $ mail -s test my.name@provider.fr
> > ... ends up to show in # tail -f /var/log/exim4/mainlog :
> > 2021-07-30 10:58:09 1m9OLJ-000cAf-Ss <= my.name@provider.fr U=rudu P=local S=461
> > 2021-07-30 10:58:10 1m9OLJ-000cAf-Ss == my.name@provider.fr R=smarthost T=remote_smtp_smarthost defer (-37) H=smtpauth.provider.fr [185.204.xxx.xxx]: TLS
> > session: (certificate verification failed): certificate invalid
> 
> Your exim certificate has nothing to do with this.
> But your smarthost certificate certainly does.
> 
> Every time you try to send a mail, your exim checks certificate of
> remote MTA, and it does not like what it sees.
> 
> > So, when I ran the command :
> > # bash /usr/share/doc/exim4-base/examples/exim-gencert
> > ... did I miss something that should be there ?
> 
> It's possible. Please provide an output of:
> 
> grep -i 'tls_.*verify' /var/lib/exim4/config.autogenerated
> 
> grep split exim4/update-exim4.conf.conf

A typo.

grep -i 'tls_.*verify' /var/lib/exim4/config.autogenerated

grep split /etc/exim4/update-exim4.conf.conf

Reco