Hi List,
Since having setup the cipher-policy to DEFAULT I had no more failures
for wrong ciphersuite.
Even the hornetservers can be reached (they told me they accept TLS1.2
and TLS1.3 only).
Until having changed the policy I routed all mails to domains that
didn't accept my ciphers via my
In my maillog I get messages like this. The user/domain/ip have
been changed, but they are all valid:
spamdyke[10162]: DENIED_RDNS_RESOLVE from: fromu...@domain.com
to: tou...@otherdomain.com origin_ip: 162.xxx.sss.yyy origin_rdns:
when you run the command
update-crypto-policies --set 'POLICY'
it actually modifies the file
/etc/crypto-policies/back-ends/opensslcnf.config
If you set to DEFAULT you may be able to modify the file with the
correct cipher
Eric
On 2/23/2022 9:49 AM, xaf wrote:
Peter Peltonen a écrit le
No, I miss spoke, I meant the server you have with qmail-1.03-2.2.1
On 2/23/2022 8:53 AM, Peter Peltonen wrote:
You mean my server with qmail-1.03-3.3.1.qt.md.el8.x86_64 (not
qmail-1.03-2.2.1) with the LEGACY setting?
As far as I know the only problem I am having is with the
hornetsecurity.com
You mean my server with qmail-1.03-3.3.1.qt.md.el8.x86_64 (not
qmail-1.03-2.2.1) with the LEGACY setting?
As far as I know the only problem I am having is with the
hornetsecurity.com servers. But to be honest I have not really been
monitoring the logs that carefully, that's the only server I've
Does your legacy server qmail-1.03-2.2.1 send to all?
On 2/23/2022 8:03 AM, Peter Peltonen wrote:
Here is another error I have now seen qmail/send log about 10 times in
the recent hour:
TLS_connect_failed:_error:141A318A:SSL_routines:tls_process_ske_dhe:dh_key_too_small
And this has now
Here is another error I have now seen qmail/send log about 10 times in
the recent hour:
TLS_connect_failed:_error:141A318A:SSL_routines:tls_process_ske_dhe:dh_key_too_small
And this has now happened with two pretty big local service provider's
servers as well. I don't think I can continue with
If I remember correctly it had something to do with Dovecot
On Feb 23, 2022, 2:25 AM, at 2:25 AM, Peter Peltonen
wrote:
>Hello,
>
>Okay I now tested::
>
>With LEGACY (which I had earlier) I get the
>SSL_routines:set_client_ciphesuite:wrong_cipher_returned error in
>qmail/send log:
>
>But with
I've been now monitoring my qmail/send log and there has been now two
instances of a new error:
TLS_connect_failed:_error:1425F102:SSL_routines:ssl_choose_client_version:unsupported_protocol
The other one was my own very old qmail box that can do only
TLSv1.0/TLSv1.1. So apparently the new
Hello,
Okay I now tested::
With LEGACY (which I had earlier) I get the
SSL_routines:set_client_ciphesuite:wrong_cipher_returned error in
qmail/send log:
But with DEFAULT I get Remote_host_said:_250_2.0.0_OK_accept as the result
And I did the test without rebooting nor restarting qmail.
So
10 matches
Mail list logo
