Bug#370790: Debian README for exim4 misleading re TLS.

Marc Haber mh+debian-packages at zugschlus.de
Tue Jun 6 20:06:45 UTC 2006 

On Tue, Jun 06, 2006 at 12:19:01PM -0700, David Lawyer wrote:
> My ISP started requiring TLS authentication so I checked the exim document
> supplied by Debian: README.Debian.gz.

TLS and authentication are two completely different things. There are
common setups that

- don't support TLS and do not require authentication
- support TLS and do not require authentication
- don't support TLS and do require authentication
- support TLS and do require authentication
- require TLS and require authentication

All of them are about equally common.

> Since I was going to use TLS as a client, it looks like I have nothing
> to do.  So I did nothing and found that my outgoing email was rejected
> by my ISP and became frozen.  After many hours of checking and
> debugging I found that I needed to fill in the file
> /etc/exim4/passwd.client.  Then all was OK.

So your ISP seems to be requiring both TLS and authentication.

> Perhaps this isn't part of TLS,

it is not.

> but prior to my ISP requiring TLS, my
> email worked fine with nothing in this file

your ISP seems to have started requiring authentication as well.

> Someone else on the Internet seems to have had similar problems.  He
> (like me) read that you don't need to do anything to get TLS if you're
> a client.  But apparently, the changes resulted in passwd.client being
> required.  So the doc might reference the section about passwd.client
> prior to telling readers to stop reading.

The documentation is correct.

> Or better, exim could
> produce an error message in the logs saying it found nothing (or
> incorrect info) in passwd.client.

SMTP doesn't allow to find out automatically whether a message is
being rejected because of missing authentication or because of some
other reason.

I'm afraid that the origin of this bug is a misunderstanding on your
side about basic SMTP mechanisms (mixing up TLS and authentication),
and that there is nothing that the Debian exim packages can do.

I have removed the "stop reading now" part of the README file since I
actually want people to read the file in its entirety.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835

More information about the Pkg-exim4-maintainers mailing list