Configure exim4 to use Microsoft Exchange as smarthost
Solution 1:
Does your organisation operate its own certificate authority for internal servers? Perhaps you need to add the CA certificates for the Exchange server into the certificate trust store for Exim? A lot of products don't report this error very well (I don't know if Exim does or not).
Wireshark (capture first on the server with tcpdump -p -s0 -w /tmp/foo.pcap then copy to a local workstation with Wireshark) should be able to show the server certificate sent from Exchange, and if the client hangs up after that, then a missing CA certificate is a common cause.
Solution 2:
Our problem was rather specific to our setup. We have more than one Exchange Server running in parallel with a load balancer acting as AP. The LB was misconfigured, which caused it to neglect to offer any authentication method bar NTLM and GSSAPI even after a successful STARTTLS handshake.
In-depth testing via swaks (jetmore.org; can highly recommend this tool) revealed this.
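The two checks described in the solutions above (certificate trust during STARTTLS, and which AUTH mechanisms the smarthost offers afterwards) can be scripted as below. This is an added example, not code from either answer. The client mechanism set, the host names and the sample EHLO replies are constructed assumptions.

```python
import smtplib
import ssl

# Assumption: SASL mechanisms the Exim client authenticators on this host can use.
CLIENT_MECHS = {"PLAIN", "LOGIN", "CRAM-MD5"}

# Constructed EHLO replies (after STARTTLS): one as seen through a load balancer
# that only passes NTLM/GSSAPI, one from a correctly configured backend.
BROKEN_LB = ("250-mail.example.internal Hello [192.0.2.10]\n"
             "250-SIZE 37748736\n250-AUTH GSSAPI NTLM\n250 CHUNKING")
HEALTHY = ("250-mail.example.internal Hello [192.0.2.10]\n"
           "250-SIZE 37748736\n250-AUTH GSSAPI NTLM LOGIN\n250 CHUNKING")


def auth_mechs(ehlo_reply):
    """Return the SASL mechanisms advertised in a raw EHLO reply."""
    mechs = set()
    for line in ehlo_reply.splitlines():
        if not line.startswith("250"):  # ignore anything that is not a 250 line
            continue
        # Drop the "250-"/"250 " prefix; treat the legacy "AUTH=LOGIN" form alike.
        words = line[4:].replace("=", " ").split()
        if words and words[0].upper() == "AUTH":
            mechs.update(w.upper() for w in words[1:])
    return mechs


def usable(ehlo_reply, client=CLIENT_MECHS):
    """Mechanisms both sides support; an empty list means AUTH cannot succeed."""
    return sorted(auth_mechs(ehlo_reply) & set(client))


def probe(host, port=25, cafile=None):
    """Live check: EHLO, STARTTLS with certificate verification, EHLO again."""
    # cafile: PEM bundle holding the internal CA, if the organisation runs one.
    ctx = ssl.create_default_context(cafile=cafile)
    with smtplib.SMTP(host, port, timeout=15) as smtp:
        smtp.ehlo()
        # Raises ssl.SSLCertVerificationError if the issuing CA is not trusted.
        smtp.starttls(context=ctx)
        _, reply = smtp.ehlo()  # extensions can differ after STARTTLS
        raw = "\n".join("250-" + l for l in reply.decode().splitlines())
        return usable(raw)


if __name__ == "__main__":
    print("through broken LB:", usable(BROKEN_LB))
    print("healthy backend:  ", usable(HEALTHY))
```

Running `probe()` once per backend and once against the load balancer address shows whether the advertised mechanisms differ between them.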