I want to enforce STARTTLS for incoming emails via SMTP. That means the client must issue the STARTTLS command before issuing the MAIL FROM command. How can I achieve that? Please, someone guide me. Thanks.
So far I tried to add an ACL in the exim4 config file, but it didn't work:
acl_check_mail:

  deny    condition = ${if eq{$sender_helo_name}{}}
          message = HELO required before MAIL

  drop    !authenticated = *
          message = Helo name contains an IP address (HELO was $sender_helo_name) and not is valid
          condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
          condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
          delay = 45s

  drop    !authenticated = *
          condition = ${if isip{$sender_helo_name}}
          message = Access denied - Invalid HELO name (See RFC2821 4.1.3)

  drop    !authenticated = *
          condition = ${if eq{[$interface_address]}{$sender_helo_name}}
          message = $interface_address is _my_ address

  accept  hosts = : +relay_from_hosts

  accept  authenticated = *

  accept  senders = :

  accept  !hosts = : +relay_from_hosts
          !sender_domains = +local_domains

  deny    message = Must issue a STARTTLS command first.
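
An added example, not part of the original post: Exim's `encrypted = *` ACL condition is true only once a TLS cipher has been negotiated, so a `deny` on its negation placed at the top of the MAIL ACL refuses MAIL FROM on cleartext sessions before any `accept` rule can match (in the ACL above, the final `deny` has no condition and is only reached after the `accept` rules). The certificate paths are placeholders.

```exim
# Added example, not from the original post.

# --- main configuration section ---

# Offer STARTTLS to every client (recent Exim versions default to "*").
tls_advertise_hosts = *

# Placeholder paths: point these at the server's own certificate and key.
tls_certificate = /path/to/fullchain.pem
tls_privatekey = /path/to/privkey.pem

# Run this ACL for every MAIL FROM command.
acl_smtp_mail = acl_check_mail

# --- ACL section (after "begin acl") ---

acl_check_mail:

  # Local non-TCP/IP submissions have an empty host and cannot use TLS.
  accept  hosts = :

  # First rule any remote client reaches: no negotiated cipher means
  # STARTTLS was never issued, so MAIL FROM is refused.
  # The leading "530" replaces Exim's default 550 reply code.
  deny    message = 530 5.7.0 Must issue a STARTTLS command first.
          !encrypted = *

  # ... the existing HELO checks and accept rules follow here ...
```

RFC 3207 says a publicly referenced MX must not require STARTTLS, so on port 25 this rule also rejects mail from any sending server that cannot negotiate TLS; it is a safer fit for a submission listener or a host that only talks to known peers.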