Kevin, I've spent 20 hours of work debugging this situation at the packet level. Try testing with emails that are at least 2K long in the body for your tests. See if that give you 100% failures. If it does it would give me confirmation of my detective work. In my setup, all short (<1000 char) emails work all long ones fail with SSL/TLS. It seems that something is unreliable with ASSP/IO::Socket::SSL/SSLeay chain when the DATA section of the message is more than one packet (about 1458 bytes). The certificate is not likely the issue since you have gotten some email to work. I we have self signed certs and the mail clients all ask what to do when contacting the server the first time. Alan
On Apr 6, 2009, at 10:00 AM, J.R. Oldroyd wrote: > On Mon, 6 Apr 2009 16:31:27 +0100, "Kevin Lawry" <kevin.la...@ndfs.co.uk > > wrote: >> >> Is there any way (other than by quizzing the senders sys-op) of >> knowing >> if it _is_ key verification that is the problem - I would happily >> spend >> the money if it would fix things but I would need to provide a cost >> justification to my boss. >> > You have already indicated the problem is intermittent for the > same clients. That strongly suggests they're not verifying keys > else the problem would happen all the time. > > There isn't an easy way for you to tell if they are verifying, > though. But I would imagine that a well-designed client that is > verifying and saw a verification failure would then close the > connection cleanly, rather than abandoning it and letting it > timeout. > > More likely a low-level problem. > > Shop around for certificate signing agencies, by the way. Not all > are expensive: some are even free. I doubt you have a key > verification > problem, though. Most email systems don't verify. > > -jr > > ------------------------------------------------------------------------------ > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
