Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Qmail: users

TLS stopped working

  

 
Qmail users RSS feed   Index | Next | Previous | View Threaded


qmail at jfoo

Mar 15, 2009, 6:49 AM

Post #1 of 5 (1219 views)
Permalink
TLS stopped working
Hi Y'all,

I'm running netqmail with a few patches, including the tls/auth patch.
It used to work, and stopped sometime in the past couple of months.
(I had forgotten to check the 'use TLS' box on my laptop e-mail
client, so I didn't notice).

I've removed the STARTTLS capability for now, but I'd like to fix it.

I recreated the certificate (which had been expired for a while,
I'm the only one using this server so I just lived with the
cert expired message), and that didn't help.

The only thing I've been able to track down is this
error message (using Sylpheed):

**LibSylph-WARNING:SSL_connect() failed with error 1,
ret=0(error:14094410:SSL

routines:SSL3_READ_BYTES:sslv3 alert handshake failure)



**LibSylph-WARNING: cant start TLS session.

I also get errors using Thunderbird, and my backup mail system
won't send messages on to me, so it isn't a Sylpheed problem,
it's definitely in my qmail.

Any suggestions on where to look for this?

Thanks very much,

j


dibl283 at gmail

Mar 15, 2009, 10:11 AM

Post #2 of 5 (1145 views)
Permalink
Re: TLS stopped working [In reply to]
Hi John,

> I'm running netqmail with a few patches, including the tls/auth patch.
> It used to work, and stopped sometime in the past couple of months.

I seem to remember a mention of an incompatible newer version of libssl
floating around. If memory serves, it was Debian based system that might
experience the problem, but I'm not sure about that. If you've upgraded your
system, you may have accepted the newer version of libssl. Sorry I don't
have the specific reference for you, you'll have to search the list
archives. Perhaps someone else on the list can cite chapter and verse for
you to point you in the right direction.

-- David


qmail at jfoo

Mar 15, 2009, 12:33 PM

Post #3 of 5 (1137 views)
Permalink
Re: TLS stopped working [In reply to]
David I. Bell wrote:
> Hi John,
>
> > I'm running netqmail with a few patches, including the tls/auth patch.
> > It used to work, and stopped sometime in the past couple of months.
>
> I seem to remember a mention of an incompatible newer version of libssl
> floating around. If memory serves, it was Debian based system that
> might experience the problem, but I'm not sure about that. If you've
> upgraded your system, you may have accepted the newer version of
> libssl. Sorry I don't have the specific reference for you, you'll have
> to search the list archives. Perhaps someone else on the list can cite
> chapter and verse for you to point you in the right direction.

Thanks for the reply. I forgot to mention I upgraded from
Ubuntu Dapper Drake to Hardy Heron last Saturday, that definitely
could be the cause. I'll search the archives...

j


ml-qmail at epigenomics

Mar 16, 2009, 1:22 AM

Post #4 of 5 (1131 views)
Permalink
Re: TLS stopped working [In reply to]
On 15 Mar 2009 14:33:04 -0500,
"John Gateley" <qmail[at]jfoo.net> wrote:
>
> Thanks for the reply. I forgot to mention I upgraded from
> Ubuntu Dapper Drake to Hardy Heron last Saturday, that definitely
> could be the cause. I'll search the archives...

You have to recompile from your qmail sources as the libssl version has
changed.

Regards
--
Robert Sander Senior Manager Information Systems
Epigenomics AG Kleine Praesidentenstr. 1 10178 Berlin, Germany
phone:+49-30-24345-0 fax:+49-30-24345-555
http://www.epigenomics.com robert.sander[at]epigenomics.com


qmail at jfoo

Jun 10, 2009, 10:48 PM

Post #5 of 5 (749 views)
Permalink
Re: TLS stopped working [In reply to]
ml-qmail[at]epigenomics.com wrote:
> On 15 Mar 2009 14:33:04 -0500,
> "John Gateley" <qmail[at]jfoo.net> wrote:
>> Thanks for the reply. I forgot to mention I upgraded from
>> Ubuntu Dapper Drake to Hardy Heron last Saturday, that definitely
>> could be the cause. I'll search the archives...
>
> You have to recompile from your qmail sources as the libssl version has
> changed.

It's been a while, but just wanted to say thanks to everyone.
I moved the server to a virtual hosting service, rebuilt
qmail, and everything is back to normal.

j

Qmail users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.