Is there an Exim directives configuration explained?

Klymax

Member
Jan 10, 2020
8
2
3
Argentina
cPanel Access Level
Root Administrator
Hello.

I'm looking for a documentation on Exim's configuration file(s), that tells exactly what value or values should be entered in a particular directive, and exactly in what section of the file the directive should be placed.

On the official Exim documentation, they only mention what a particular directive is capable to do, but they don't tell us the possible and/or correct values, nor they tell where in the entire config file the directive have to be placed.

Well, thanks in advance guys.

~ceci
 

Klymax

Member
Jan 10, 2020
8
2
3
Argentina
cPanel Access Level
Root Administrator
Hi Lauren.
Of course.

I got this log:

Code:
2020-01-10 12:38:10.133 [1419] 1ipwMT-0000Mt-DB <= [email protected] H=(compras2) [201.222.[I].[/I]]:30589 I=[65.60.[I].[/I]]:25 P=esmtpa L- A=dovecot_login:[email protected] S=69568 M8S=0 RT=0.723s i[email protected] T="correo de prueba" from <[email protected]> for [email protected]
2020-01-10 12:38:10.173 [1422] 1ipwMT-0000Mt-DB Sender identification U=enercp D=senderdomain.com [email protected]
2020-01-10 12:38:10.173 [1422] 1ipwMT-0000Mt-DB SMTP connection outbound 1578670690 1ipwMT-0000Mt-DB senderdomain.com [email protected]
2020-01-10 12:38:11.906 [1425] 1ipwMT-0000Mt-DB TLS session: (SSL_connect): error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol: delivering unencrypted to H=mx-server.remotedomain.com [200.108.[I].[/I]] (not in hosts_require_tls)
2020-01-10 12:38:13.307 [1422] 1ipwMT-0000Mt-DB => [email protected] F=<[email protected]> P=<[email protected]> R=lookuphost T=remote_smtp S=71049 H=mx-server.remotedomain.com [200.108.[I].[/I]]:25 I=[65.60.[I].[/I]]50388 L C="250 ok 1578670697 qp 28368" QT=3.898s DT=1.370s
2020-01-10 12:38:13.307 [1422] 1ipwMT-0000Mt-DB Completed QT=3.899s
And the advice is to set the directive hosts_avoid_tls with the IP(s) of the server that Exim should not try to start a TLS session.
In another post, it says that this directive must go in the remote_smtp serction.

And of course, the line that throws the error is:
Code:
2020-01-10 12:38:11.906 [1425] 1ipwMT-0000Mt-DB TLS session: (SSL_connect): error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol: delivering unencrypted to H=mx-server.remotedomain.com [200.108.-.-] (not in hosts_require_tls)
I try this, but nothing. So I wanna know how and where to set a particular value.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,304
1,252
313
Houston
Hello,

There really isn't a configurable setting for this in cPanel/WHM's Exim Configuration Manager. This is occurring because the server does not accept SSL connections. The only real way around this is to allow SSLv3 connections on the server.
 

Klymax

Member
Jan 10, 2020
8
2
3
Argentina
cPanel Access Level
Root Administrator
Hello Lauren.
Thank you for your help.

I got 2 questions:

The server that does not accept SSL connections, is the remote server, right?
and
Can this be done on a per-domain basis? I mean, allowing SSLv3 for some MX servers.

Again, thank you!
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,304
1,252
313
Houston
The server that does not accept SSL connections, is the remote server, right?
and
Correct, and the only way your mail is being sent over an SSLv3 connection is in the instance you're using a mail client which utilizes this encryption method. Typically this is an older Outlook client.


You might look at the following threads: