arch ? # uname -a On 06/09/2011 05:13 AM, ron wrote: > OS is Centos 5.6 > Linux kernel is 2.6.18-238.9.1.el5 > Server is a DL380 G4 > Centos runs under VMWare ESXi 4.0 > > Here is the "run" file. > > #!/bin/sh > QMAILDUID=`id -u vpopmail` > NOFILESGID=`id -g vpopmail` > MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` > SPAMDYKE="/usr/local/bin/spamdyke" > SPAMDYKE_CONF="/etc/spamdyke/spamdyke.conf" > SMTPD="/var/qmail/bin/qmail-smtpd" > TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" > HOSTNAME=`hostname` > VCHKPW="/home/vpopmail/bin/vchkpw" > REQUIRE_AUTH=0 > > exec /usr/bin/softlimit -m 20000000 \ > /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \ > -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ > $SPAMDYKE --config-file $SPAMDYKE_CONF \ > $SMTPD $VCHKPW /bin/true 2>&1 > > On 6/8/2011 4:50 PM, Sam Clippinger wrote: >> OK, I'll try to run back through this thread and respond to the various >> questions in one email... >> >> To turn off TLS in spamdyke, you can do one of several things. You can >> prohibit both spamdyke and qmail from using TLS by using this option: >> tls-level=none >> Or you can simply remove/comment out the tls-certificate-file option to >> allow spamdyke to pass encrypted traffic through to qmail. That will >> bypass some of spamdyke's filters but would allow you to continue to >> receive encrypted email. >> >> spamdyke does not implement TLS or SSL on its own, it just calls the >> installed OpenSSL library for encryption/decryption as needed. The >> version you have installed looks fine to me (my own server has 0.9.7f >> installed) and since TLS works with qmail, it should work with >> spamdyke. From the headers you sent, it looks like the remote server is >> running Windows Server 2003, probably with Exchange 2003. I correspond >> regularly with clients on that same setup (as you did before installing >> spamdyke), so I doubt the remote server is at fault. >> >> By default, spamdyke specifies the cipher list as "DEFAULT" (unless you >> override that with the "tls-cipher-list" option). The meaning of >> "DEFAULT" depends on your version of OpenSSL and the way it was >> compiled. Typically, it includes all of the usable ciphers that aren't >> known to be too weak or too computationally expensive. See this page >> for more details: >> http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS >> >> Overall, I don't see anything wrong with your configuration file. I'm >> curious to know what OS, version and architecture you're using. My #1 >> suspicion is that spamdyke is running out of memory. Can you check your >> "run" file where the spamdyke command line is located and look for the >> "softlimit" command? Try doubling/tripling that number and see if this >> problem persists (don't forget to restart tcpserver after you change the >> "run" file). >> http://www.spamdyke.org/documentation/FAQ.html#TROUBLE9 >> >> -- Sam Clippinger >> >> On 6/8/11 3:03 PM, Eric Shubert wrote: >>> The first cipher listed is the same one that qmail used with a >>> successful transmission. >>> >>> Looks to me from all of this that there is a bug in spamdyke with >>> regards to that particular remote server software and TLS. >>> >>> I think this is the point where Sam can best continue helping to debug >>> this situation. >>> >>> Sam? >>> >>> >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> >>
-- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
