On Fri, Jan 10, 2025 at 10:31:12AM +0100, Gandalf Corvotempesta via Exim-users wrote: > Also, the server seems to get the error sent directly from the client > when it's closing the connection, so the client i think will be able > to also send the real error to the server, isn't it?
No, SSL/TLS alert structure has "AlertLevel" (number) and code, called "AlertDescription" (also number, not a text string). Particularly, code 42 means "bad certificate". It's not possible to send arbitrary supplemental text, as could be done with SMTP. This situation may be considered as a design flaw of SSL/TLS protocol. However, philosophy "security by obscurity" considers such approach as good thing, because detailed explanation of error helps to increase attack surface. -- Eugene Berdnikov -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
