On 06/10/2011 10:42 AM, Dossy Shiobara wrote: > On 6/10/11 1:30 PM, Eric Shubert wrote: >>> Qmail-TLS appears to use $QMAILDIR/control/servercert.pem and uses 512- >>>> and 1024-bit DH param files, as well. I can see that Ron's Spamdyke >>>> configuration is pointing at the same certificate, but doesn't support a >>>> separate DH param PEM as far as I can see. >> You mean spamdyke doesn't support a separate DH param PEM? >> > > Not that I could find. However, I *should* just be able to concat the > DH param PEM onto the end of the certificate PEM, and OpenSSL should Do > The Right Thing(tm) with it. >
I'm sure you know more about SSL than I do, and I'm just wondering. Why does TLS work with some servers and not others? Is it due to a particular cipher that's being used? Of course, I'm making a bit of a presumption here. My server is configured very close if not identically to Ron's, and I'm seeing smtp sessions with TLS (non-authenticated) fairly regularly. Chase, Discover, gmail and ebay (among others) are sending to me using TLS with no problem. -- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users