-
Notifications
You must be signed in to change notification settings - Fork 179
Q0741
How can I get Outlook Express to use TLS when authenticating?
If you check auth required in OE, it will authenticate as soon as it
sees AUTH LOGIN, in preference to STARTTLS. The trick is to advertise
things to OE in a certain order. The first EHLO should advertise
STARTTLS but not AUTH, and only the second EHLO (after TLS starts)
should advert AUTH. One way of achieving this is to put, in the main
section of your Exim configuration:
auth_advertise_hosts = ${if eq{$tls_cipher}{}{127.0.0.1}{*}}
This means that the only host to which AUTH is advertised is 127.0.0.1
when the session is not encrypted (that is, before TLS has started). The
idea here is that there's no need for encryption for anything coming via
the loopback interface. For an encrypted session, however, AUTH is
advertised to all hosts. You can also block the AUTH command itself for
unencrypted connections, by creating an ACL for acl_smtp_auth that is
something like this:
accept encrypted = *
accept hosts = 127.0.0.1
deny message = TLS encryption required before AUTH
- How do I block unwanted messages from outside my host?
- I don't want to block spam entirely; how can I inspect each message
- How can I test that my spam blocks are working?
- How can I test that Exim is correctly configured to use a DNS black list
- How can I use tcpwrappers in conjunction with Exim?
- How can I get POP-auth-before-relay (aka POP-before-SMTP) support in
- I have one or two cases where my host correctly rejects messages, but
- How can I run customized verification checks on incoming addresses?
- Does Exim apply RBL checks to error messages, those with an envelope
- I want to reject certain sender-recipient combinations, with a specific
- Will Exim allow me to create a file of regexs and match incoming
- I've hacked sendmail to make an ioctl call at the time of the SMTP RCPT
- I'd like to pass all messages through a virus-scanning system before
- Is there a way to configure Exim to reject mail to a certain local host?
- How can I get Exim to remove attachments from messages?
- How can I arrange for each user to have a file listing the only sender
- When using Nessus on a system that runs Exim, a number of security
- Could anyone points me to right rules to prevent sending/receiving
- I would like to have a per-user limit for the maximum size of messages
- I set
accept hosts=192.168.122.96/32in order to accept mail for - I have POP-before-SMTP set up on my Exim server, but some clients use
- I installed Amavis and it is working, but bounces are simply vanishing.
- I can't get Pine to work with PLAIN authentication; Exim keeps
- I have used
:fail:in some aliases; when one of these addresses is refused, I see the message on the log, but the response to the remote user is unknown user > instead of the message from the alias file. How can I change this? - I've set up some specific rejection messages for certain recipients, but
- My SMTP authentication can be bypassed by sending an unknown user name
- When a message has many recipients, how can I stop SpamAssassin_ from
- How do I use Exiscan, SA-Exim, SpamAssassin_, Clam Antivirus, Sophos
- How can I screen out addresses that are neither valid usernames or
- How can I use the same passwords for SMTP authentication as I use for
- Is there any defence I can use against spam sent through an open proxy?
- I would like to either warn or deny when a host uses an underscore in
- Is there any way to tell Exim not to lookup the IP address against any
- How do MailScanner_ and Exiscan compare? What are the pros and cons?
- How can I block non-FQDNs in HELO/EHLOs?
- Is it possible to tell exim to drop the connection after a server
- Is there some way to tell Exim not to consider 127.0.0.1 as a valid MX?
- How can I configure Exim to delay the SMTP connection if more than 10
- Does Exim support SPF?
- How can I change the MAIL FROM address that is used for callouts?
- How can I get Outlook Express to use TLS when authenticating?
- How do I stop Exim being an open relay?
- What should I put in my acl_smtp_rcpt?
- I've got a queue full of "bounce" messages. How do I get rid of them?