[spamdyke-users] I can hardly make a SMTPS connection

Mon, 21 Sep 2009 13:26:09 -0700 

debian spamdyke-4.0.10

I get in syslog:
ep 21 20:11:54 server spamdyke[3211]: ERROR: unable to start SMTPS due to a
protocol failure; closing connection
Sep 21 20:11:56 server spamdyke[3213]: ERROR: unable to start SSL/TLS
connection: The operation failed due to an I/O error, Unexpected EOF found

server:/var/log# dpkg -l | grep ssl
ii  libssl-dev                     0.9.8c-4etch9          SSL development
libraries, header files and
ii  libssl0.9.7                    0.9.7k-3               SSL shared
libraries
ii  libssl0.9.8                    0.9.8c-4etch9          SSL shared
libraries
ii  openssl                        0.9.8c-3               Secure Socket
Layer (SSL) binary and related
ii  ssl-cert                       1.0.13                 Simple debconf
wrapper for openssl

cat /etc/spamdyke.conf
log-level=verbose
tls-level=smtps
tls-certificate-file=/etc/ssl/certs/stunnel.pem
smtp-auth-level=always
smtp-auth-command=/usr/bin/checkpassword /bin/true
relay-level=normal




cat /etc/init.d/qmail

....
rblsmtpd="/usr/local/bin/spamdyke -l -f /etc/spamdyke.conf"

#
# End of configuration
#

test -x /usr/sbin/qmail-start || exit 0
test -x /usr/sbin/qmail-send || exit 0

case "$1" in
    start)
        echo -n "Starting mail-transfer agent: qmail" $rblmsg
        sh -c "start-stop-daemon --start --quiet --user qmails \
                 --exec /usr/sbin/qmail-send \
                 --startas /usr/sbin/qmail-start -- \"$alias_empty\" $logger
&"
        # prevent denial-of-service attacks, with ulimit
        ulimit -v 16384
         sh -c "start-stop-daemon --start --quiet --user qmaild \
            --pidfile /var/run/tcpserver_smtpd.pid --make-pidfile \
            --exec /usr/bin/tcpserver -- -R -H \
            -u `id -u root` -g `id -g nobody` -x /etc/tcp.smtp.cdb 0 smtp \
            $rblsmtpd /usr/sbin/qmail-smtpd 2>&1 \
            | $logger &"

      sh -c "start-stop-daemon --start --quiet --user root \
            --pidfile /var/run/tcpserver_pop3d.pid --make-pidfile \
            --exec /usr/bin/tcpserver -- -R -H \
            0 pop-3 /usr/sbin/qmail-popup `hostname`.`dnsdomainname` \
            /usr/bin/checkpassword /usr/sbin/qmail-pop3d Maildir &"

        echo "."
        ;;
.....
......



At last a simple question. If a SMPTS connection is made, which ip-number
will be used in the filtering?
I made a test with stunnel and my emails always ended up with the ip numper
127.0.0.1 which spamdyke all the time accepted without authentication.
I want spamdyke to accept all mails sent from the server itself without
authentication but clients making remote connection shall always be
authenticated even when a ssl tunnel is used.

Best regards
 David

_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Reply via email to