You're quite correct -- this is a bug in version 5.0.0. I've got it fixed in the next version, hopefully to be released very soon.
-- Sam Clippinger On Feb 2, 2015, at 1:38 PM, Heiko Bornholdt via spamdyke-users <spamdyke-users@spamdyke.org> wrote: > Hi, > > I’m trying to replace my Spamdyke 4.3 with 5.0. I want to disable SSLv3 > because of POODLE. > > I’m using Ubuntu 12.04 LTS and have Spamdyke compiled from source without any > special configuration. > >> root@andromeda:~# spamdyke --version >> spamdyke 5.0.0+TLS+CONFIGTEST+DEBUG (C)2014 Sam Clippinger, samc (at) >> silence (dot) org >> http://www.spamdyke.org/ > > This is my run-script: >> root@andromeda:~# cat /etc/service/qmail-relay-submit/run >> #!/bin/sh >> QMAILUID=`id -u qmaild` >> NOFILESGID=`id -g qmaild` >> exec tcpserver -v -HPR -u $QMAILUID -g $NOFILESGID 0 587 spamdyke -f >> /etc/spamdyke-587.conf /usr/sbin/qmail-smtpd 2>&1 > > > I have problems with submitting messages via SMTP. I have debugged the > problem with swaks and tcpdump, and so I have discovered, that with my > configuration Spamdyke is sending incomplete SMTP answers. > > From my local computer I run: >> [heiko@dhcp-172-21-37-9 ~]$ swaks -t he...@bornholdt.it -f >> he...@andromeda.bornholdt.it --server andromeda.bornholdt.it:587 --auth >> --auth-user=heiko >> Password: s3cr3t >> === Trying andromeda.bornholdt.it:587... >> === Connected to andromeda.bornholdt.it. >> <- 220 andromeda.bornholdt.it ESMTP >> -> EHLO dhcp-172-21-37-9.wlan.uni-hamburg.de.local >> <** Timeout (30 secs) waiting for server response >> -> HELO dhcp-172-21-37-9.wlan.uni-hamburg.de.local >> <- 250 andromeda.bornholdt.it >> *** Host did not advertise authentication >> -> QUIT >> <- 221 andromeda.bornholdt.it >> === Connection closed with remote host. > > And on the server: >> root@andromeda:~# tcpflow -i any -C -e port 587 >> tcpflow[9428]: listening on any >> 220 andromeda.bornholdt.it ESMTP >> >> EHLO dhcp-172-21-37-9.wlan.uni-hamburg.de.local >> >> 250-andromeda.bornholdt.it >> >> 250-PIPELINING >> 250-8BITMIME >> 250-AUTH LOGIN PLAIN >> 250-STARTTLS > > > Nothing happens for 30 seconds and then the client aborts because of a > timeout. > > My configuration: >> root@andromeda:~# cat /etc/spamdyke-587.conf >> log-level=verbose >> log-target=stderr >> smtp-auth-level=always >> smtp-auth-command=/usr/bin/checkvpw /usr/local/bin/heiko-smtp-auth-logger >> maildir >> hostname-file=/var/lib/qmail/control/me >> tls-level=smtp >> tls-certificate-file=/etc/qmail/servercert.pem >> tls-privatekey-file=/etc/qmail/servercert.pem >> tls-cipher-list=kEDH:AESGCM:HIGH:+MEDIUM:TLSv1:+ALL:!RC4:!SEED:!IDEA:!RC2:!3DES:!DES:!MD5:!DSS:!aNULL:!eNULL:!ECDSA:!ECDH:!PSK:!SRP >> tls-dhparams-file=/etc/ssl/private/dhparam2048.pem >> qmail-morercpthosts-cdb=/var/lib/qmail/control/morercpthosts.cdb >> qmail-rcpthosts-file=/dev/null > > > Log: >> root@andromeda:~# cat /var/log/qmail/qmail-relay-submit/current | tai64nlocal >> 2015-02-02 18:33:29.206085500 tcpserver: status: 1/40 >> 2015-02-02 18:33:29.206143500 tcpserver: pid 11591 from 134.100.17.1 >> 2015-02-02 18:33:29.212386500 tcpserver: ok 11591 >> static.199.121.76.144.clients.your-server.de:::ffff:144.76.121.199:587 >> :::ffff:134.100.17.1::57359 >> 2015-02-02 18:33:29.213511500 spamdyke[11591]: >> ERROR(load_resolver_file()@search_fs.c:752): invalid/unparsable nameserver >> found: 2a01:4f8:0:a111::add:9898 >> 2015-02-02 18:33:29.213579500 spamdyke[11591]: >> ERROR(load_resolver_file()@search_fs.c:752): invalid/unparsable nameserver >> found: 2a01:4f8:0:a102::add:9999 >> 2015-02-02 18:33:29.213609500 spamdyke[11591]: >> ERROR(load_resolver_file()@search_fs.c:752): invalid/unparsable nameserver >> found: 2a01:4f8:0:a0a1::add:1010 >> 2015-02-02 18:33:59.323577500 tcpserver: end 11591 status 0 >> 2015-02-02 18:33:59.323578500 tcpserver: status: 0/40 > > I think, the problem is, that the server will send “250-STARTTLS” and not > “250 STARTTLS” (missing hyphen). So the client thinks, that the message is > not complete and waits for the next line. > > Best regards, > Heiko > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users