On 06/08/2011 10:59 AM, Eric Shubert wrote: > On 06/08/2011 10:19 AM, ron wrote: >> Received: from unknown (HELO mail-out-01.healthways.com) (64.58.208.13) >> by mail2.nsii.net with (DHE-RSA-AES256-SHA encrypted) SMTP; 8 Jun 2011 >> 16:48:56 -0000 > > I'm not familiar enough with TLS to know exactly what DHE-RSA-AES256-SHA > is, but it appears that qmail is working with TLS and no spamdyke. > > Perhaps there something errant in spamdyke's implementation of this > particular combination of encryption options? > > I think it's time for Sam to have a look at this. >
Just re-read http://www.spamdyke.org/documentation/README.html#TLS: "Rarely, some situations will require specifying the list of encryption algorithms (ciphers) to be used during TLS. In those cases, the tls-cipher-list option can be used to pass a list of ciphers in the format expected by the OpenSSL library. The vast majority of spamdyke installations will not need this option -- the default list of ciphers is usually fine. To see the full list of available ciphers, run the command openssl ciphers." The default value for for the tls-cipher-list option is unfortunately not listed. I wonder, is this a spamdyke default, or the openssl default? Sam? Ron, what do you get from: # rpm -q openssl # openssl ciphers ? -- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
