hi os ; centos 6 qmailtoaster, spamassassin, mysql, dovecot, clam
we are suddenly receiving TLS connect failed: timed out error on all our servers running qmail when emails are sent by our customer to the following domains hp.com, hpe.com, dbschenker.com, kamyn.co.ke the authentication by the customer is done correctly, email gets sent from the email client of the customer and emails recd by the server. however the mail lies in the queue till finally it bounces back to the sender with the message TLS connect failed. 2017-04-03 15:21:40.916522500 bounce msg 4468196 qp 33696 2017-04-03 15:21:40.916589500 end msg 4468196 2017-04-03 15:01:34.006986500 starting delivery 56232: msg 4468196 to remote a...@hpe.com 2017-04-03 15:21:40.869716500 delivery 56232: failure: TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again; _this_message_has_been_in_the_queue_too_long./ 2017-04-03 15:01:34.007035500 starting delivery 56233: msg 4468196 to remote xxx...@hpe.com 2017-04-03 15:21:40.851782500 delivery 56233: failure: TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again; _this_message_has_been_in_the_queue_too_long./ 2017-04-03 15:01:34.007150500 starting delivery 56234: msg 4468196 to remote dfdf...@hpe.com 2017-04-03 15:21:40.876609500 delivery 56234: failure: TLS_connect_failed:_timed_out;_connected_to_15.241.48.71./I'm_not_going_to_try_again; _this_message_has_been_in_the_queue_too_long./ this is happening since the last 10 days. There are no error details in the qmail logs. however emails sent from two of our window servers using mailenable, go through correctly to these domains. we have not changed anything on our qmail servers and all servers are identical in config. so it seems that there is common issue between all our qmail servers. our ssl certificates are the self signed ones (validity 10 years) created openssl genrsa -out x.key 2048 openssl req -new -key x.key -out x.csr openssl x509 -req -days 36500 -in x.csr -signkey x.key -out x.crt cat x.crt x.key > fqdn.crt tlsciphers file DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:KRB5-DES-CBC3-MD5:KRB5-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:KRB5-RC4-MD5:KRB5-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:KRB5-DES-CBC-MD5:KRB5-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-KRB5-RC4-MD5:EXP-KRB5-RC4-SHA:EXP-RC4-MD5:EXP-RC4-MD5 could somebody help please rajesh
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com