[Pkg-exim4-users] TLS timeouts
Ross Boylan
ross at biostat.ucsf.edu
Tue Sep 19 16:39:19 UTC 2006
On Mon, Sep 18, 2006 at 01:35:14PM -0700, Ross Boylan wrote:
> On Mon, Sep 18, 2006 at 10:27:06PM +0200, Marc Haber wrote:
> > On Mon, Sep 18, 2006 at 01:24:56PM -0700, Ross Boylan wrote:
> > > > How much entropy do both boxes have?
> > > Is there a way to measure that?
> >
> > cat /proc/sys/kernel/random/entropy_avail
> 4096
> >
> > > They aren't doing much, so don't have many events that could be used
> > > for entropy.
> > > >Is gnutls-bin installed?
> > > No, on either box.
> >
> > Please try installing gnutls-bin on the box that is the one acting as
> > SMTP server.
> Done. Is that something exim uses if available? It just sounds like
> some utilities from the package description:
>
> This package contains a commandline interface to the GNU TLS library,
> which can be used to set up secure â connections from e.g. shell
> scripts.
>
Since installing the package (but without restarting exim) the logs
show only a single TLS error. That is a repeat of the "Decryption has
failed error" below. These errors all involve the same sending
machine, and are for legitimate mail, not spam. The message
eventually arrived via unencrypted transport.
>
> Do I need to restart exim?
>
> Since my last restart, I'm getting a few errors:
> 2006-09-18 13:20:43 TLS error on connection from xxx
> (gnutls_handshake): Decryption has failed.
>
> I changed the remote host to xxx above. However, the other hosts that
> were having problems seem to be doing OK now.
>
> Ross
More information about the Pkg-exim4-users
mailing list