-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[email protected]>, Jeremy Harris <[email protected]> writes
>On 26/04/16 11:24, Richard Clayton wrote: >> In message <[email protected]>, Jeremy Harris >> <[email protected]> writes >> >>> So much for encouraging people to actually use security. >> >> There's a difference between "encouragement" and subtly breaking >> existing configurations > >The logged error was too subtle? If you mean 2016-04-25 03:01:00 Warning: No server certificate defined; TLS connections will fail. Suggested action: either install a certificate or change tls_advertise_hosts option that's a warning, not an error :) If you mean the error that is logged for the delivery failure: I generally find that my logs a bit verbose for regular reading ... I just look at them when things break, and when most email is turning up just fine I tend to just ignore them. When I did realise I had a problem I found the log said 2016-04-25 00:23:00 TLS error on connection from mrout1-b.corp.bf1.yahoo.com [98.139.253.104]:26298 (SSL_accept): error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher 2016-04-25 00:23:00 TLS client disconnected cleanly (rejected our certificate?) and that is indeed subtly hinting that the cert (which in my case I have not got) is at the root of the problem ... but it's not really recording (ie: the subtlety continues) the actually relevant event (that a 4xx has been presented to the remote machine) the cleanliness makes it all sound better than it is :( - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a Benjamin little temporary Safety, deserve neither Liberty nor Safety. Franklin -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBVx9Ojzu8z1Kouez7EQLQ/QCePTxMYg/qf6HFA19AiatH1mna2K4AoPef EOSSHrg+PvndPk3wmjkEhscM =3KC0 -----END PGP SIGNATURE----- -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
