On 11 Apr 2023, at 17:43, Peter via Exim-users <exim-users@exim.org> wrote:
> In absence of progress to have exim apply TLS-on-connect to server port
> 465 I'm trying non-TLS to port 587 as a simpler first objective. =8~/
Your error has nothing to do with TLS at all:
20:33:41 1656 LOG: MAIN PANIC
20:33:41 1656 failed to expand "<; ${if exists{/etc/exim4/passwd.client}
{${lookup{$host}nwildlsearch{/etc/exim4/passwd.client}{$host_address}}}{} }"
while checking a list: failed to open /etc/exim4/passwd.client for linear
search: Permission denied (euid=106 egid=113)
The reason your Exim (as a client) is speaking over STARTTLS is because the
transport is configured by default to do precisely that.
>From
>https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html
> (sec 10):
"If Exim is built with TLS support, and TLS is advertised by a server, the smtp
transport always tries to start a TLS session. However, this can be prevented
by setting hosts_avoid_tls (an option of the transport) to a list of server
hosts for which TLS should not be used."
But in any case, your problem is on your filesystem rather than on-the-wire.
Graeme
PS patches welcome for wishlist items :)
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
