Make clients only use tls with smarthost

Signed-off-by: Stephen Gran <steve@lobefin.net>

diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb
index e0ac658bf09091de184e32a484c47481f667ba49..8038d0e6b4ace20c02f21ba63a3ad2e9b6157560 100644 (file)
--- a/modules/exim/templates/eximconf.erb
+++ b/modules/exim/templates/eximconf.erb
@@ -1303,6 +1303,7 @@ remote_smtp_smarthost:
   out += nodeinfo['smarthost_port'].to_s + "\n"
   if has_variable?("exim_ssl_certs") && exim_ssl_certs == "true"
     out += '  tls_tempfail_tryclear = false
+  hosts_require_tls = ' + nodeinfo['smarthost'] + '
   tls_certificate = /etc/exim4/ssl/thishost.crt
   tls_privatekey = /etc/exim4/ssl/thishost.key
 '