Nigel, Thank you for taking the trouble to help. Now that I have moved the private key file to /etc/exim4 all is working fine: outgoing emails are being signed properly. Great! But I don't understand why. (Don't feel obliged to reply ..... but I'd love to know!)
On 24 Mar 2012, at 19:51, Nigel Metheringham wrote: > What user is exim running as? top shows a numerical user id that is not in /etc/passwd so I was then uncertain as how to set file ownership and group I chose user Debian-exim and its group: ssl-cert ... should I remove Debian-exim from group ssl-cert? > What are the ownership and permissions on /etc/ssl and /etc/ssl/private ? I (naively?) believed that the file permissions were what determined for whom the file is readable, and not the permissions of the directory in which the file exists. /etc/ssl's permissions: drwxr-xr-x 4 root root 4096 2012-02-15 11:59 ./ drwxr-xr-x 100 root root 4096 2012-03-25 02:34 ../ ... drwx--x--- 2 root ssl-cert 4096 2012-03-25 10:11 private/ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
