0

Here what exim does when sends emails to gmail and other SMTP severs

Received: from ns01.virtex.kz (ns1.virtex.kz. [185.141.164.16])
        by mx.google.com with ESMTP id i11-20020a5d55cb000000b002c54fb628bdsi5544805wrw.640.2023.03.05.01.42.36
        for <nurike@gmail.com>;
        Sun, 05 Mar 2023 01:42:37 -0800 (PST)

What I do expect:

Received: from NeverDesktop ([112.43.229.83])
        by smtp.gmail.com with ESMTPSA id kn4-20020a170903078400b00192aa53a7d5sm4893002plb.8.2023.03.05.06.46.55
        for <nurike@gmail.com>
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Sun, 05 Mar 2023 06:46:57 -0800 (PST)

If set to REMOTE_SMTP_HOSTS_REQUIRE_TLS = * exim can't send emails anymore.

2023-03-05 15:09:18 1pYkMo-001Jc2-0S H=gmail-smtp-in.l.google.com [66.102.1.26]: a TLS session is required, but the server did not offer TLS support
2023-03-05 15:09:18 1pYkMo-001Jc2-0S H=alt1.gmail-smtp-in.l.google.com [142.250.153.26]: a TLS session is required, but the server did not offer TLS support
2023-03-05 15:09:18 1pYkMo-001Jc2-0S H=alt2.gmail-smtp-in.l.google.com [142.251.9.26]: a TLS session is required, but the server did not offer TLS support
2023-03-05 15:09:18 1pYkMo-001Jc2-0S H=alt3.gmail-smtp-in.l.google.com [142.250.150.26]: a TLS session is required, but the server did not offer TLS support
2023-03-05 15:09:20 1pYkMo-001Jc2-0S H=alt4.gmail-smtp-in.l.google.com [74.125.200.27]: a TLS session is required, but the server did not offer TLS support

So how to teach exim to send over TLS?

Falseclock
  • 11
  • 2
  • 1
    Are you behind a filtering proxy or a "spam filter" gateway? Such systems will intercept SMTP and hide the STARTTLS offer from EHLO. – user1686 Mar 06 '23 at 05:45
  • @user1686 Looks like not: # openssl s_client -starttls smtp -connect smtp.gmail.com:25 -crlf CONNECTED(00000003) Didn't find STARTTLS in server response, trying anyway... – Falseclock Mar 07 '23 at 13:26

0 Answers0