On Sat, Oct 30, 2021 at 12:01:39AM +0100, Dominik Vogt via Exim-users wrote:
> The local Exim is set up to relay outgoing mail that is sent by > user X to server B and all other outgoing mail to server A. Both > servers require TLS for outgoing mail. But Exim does not use TLS > for server B and generates this log message: > > ... TLS session: (certificate verification failed): certificate > invalid: delivering unencrypted to H=<server-b> [<ip-address>] > (not in hosts_require_tls) Is it really true that for lack of valid certificate there's a way to get Exim to fall back to cleartext instead??? Either certificate validation is required, and in which delivery must be deferred when validation fails, or else validation is *not* required, in which case Exim should proceed despite certificate verification failure. The reported behaviour should be impossible, or at least very difficult to configure without ignoring warnings that it makes no sense. -- Viktor. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/