On 3/28/23 15:59, Mike Tubby via Exim-users wrote:
Hi Olaf,outbound_force_tls: driver = dnslookup domains = +tls_force_remote_domains transport = remote_smtp_force_tls outbound_lookup: driver = dnslookup domains = ! +local_domains transport = remote_smtp ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 no_more and then this in my transports: remote_smtp: driver = smtp remote_smtp_force_tls: driver = smtp hosts_require_tls = * hosts_try_fastopen = !*.l.google.com tls_require_ciphers = HIGH:!SRP:!PSK:!SHA:@STRENGTH
Hi Mike, thanks for your code. But my question was not how to implement "domains-with-force-TLS" This is already solved and I ended up with two almost identical routers and two almost identical transports. Your config also uses 2 routers and 2 transports. In my case these routers and transports are lengthy and also do all of the DKIM signing stuff. And my question was to rid of the second router and transport and to consolidate my code. Jeremys proposal sounded promising at first look, but after his correction that I have to use "max_rcpts = 1" and that these are my main routers / transports handling ~200k Mails per day I decided still to live with 2 pairs of routers and transports and keep in mind, when I change one of them, I have to change the other one as well. "max_rcpts = 1" seems to "expensive" in my use case. Regards , Olaf -- Karlsruher Institut für Technologie (KIT) Steinbuch Centre for Computing (SCC) Dipl.-Geophys. Olaf Hopp Zirkel 2 Gebäude 20.21, Raum 316 76131 Karlsruhe Telefon: +49 721 608-48009 E-Mail: olaf.h...@kit.edu Web: www.scc.kit.edu Sitz der Körperschaft: Kaiserstraße 12, 76131 Karlsruhe KIT - Die Forschungsuniversität in der Helmholtz-Gemeinschaft
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/