On 2015-06-24 at 14:06 -0700, Carl Byington wrote:
> Does Exim (immediately or delayed) retry that connection and
> (temporarily or permanently) ignore the offer of STARTTLS?
Depends upon the configuration. Assuming defaults, "yes".
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-enc
Hi Kurt,
At 01:16 17-06-2015, Kurt Jaeger wrote:
5.1. Locating the Target Host
can be read that MX records have preference, but it explizitly avoids
mentioning "A or " records if no MX is found. The sentence:
[...]
If an empty list of MXs is returned,
the address is treated as if it w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 2015-06-25 at 00:09 +0100, Brandon Long wrote:
> Not in front of a computer to check if we see failures like this, but
> we (google) stopped falling back to unencrypted connections >2y ago.
> This had an impact on a small number of misconfigur
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 2015-06-23 at 20:16 +, Phil Pennock wrote:
> A key issue though is that by default, Exim will fall back to
> unencrypted because encryption to MX is opportunistic.
Sendmail as a client sends EHLO, receives an offer of STARTTLS, sends
START
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 2015-06-23 at 12:27 -0500, Frank Bulk wrote:
> Is there a public list of such weak domains/MXes?
Well, I have a few from grepping my logs:
mail.ritz.edu
hawk.dcu.ie
inbound30.exchangedefender.com
smtp.raymondcorp.com
smtp1.raymondcorp.com
smt