lists at penpal4u
Mar 29, 2011, 10:32 PM
Post #3 of 3
On 29 Mar 2011 08:35:02 -0600
<amb-sendok-1304001303.ofelnnhlhpppcmmbeial [at] bradfords> wrote:
> Thus said Christian Lerrahn on Tue, 29 Mar 2011 20:44:00 +1100:
> > The problem I'm having is that in about 90% of all cases the
> > SSL handshake with Netqmail on SMTPS fails. The percentage is
> > slightly lower for STARTTLS but still significant.
> Unlikely that it has anything to do with Xen. What
> did strace/truss/ktrace tell you? My guess is that they will tell
> you that you didn't give the process enough memory for the
> additional overhead that SSL requires in your qmail-smtpd/run script.
I haven't straced the process, yet, because I didn't have a test system
where I could easily do that. But I can't see how that would make any
sense, anyway. In fact, I know the memory problem but it usually shows
in the logs as a failure to load libraries. No matter how much memory I
allocate to qmail-smtpd (via softlimit), the problem remains the same.
There are three things that puzzle me.
1. The problem only occurs erratically.
2. Even with almost the same patchset, I have never seen this problem
on a physical server before.
3. Nothing appears in the logs other than tcpserver writing an error
4. The problem is less common on STARTTLS than on SSL but exists on
I'll see if I can test the same binary on a physical machine (had none
to try so far) and report back if there is any new findings.