> From: spamdyke-users [mailto:spamdyke-users-boun...@spamdyke.org] On > Behalf Of Alessio Cecchi via spamdyke-users > For me works fine with: > > tls-level=smtp-no-passthrough > tls-certificate-file=/var/ssl/wildcard.pem > > and in /var/ssl/wildcard.pem there is a chain like this: > > CERTIFICATE > PRIVATE-KEY > > > openssl s_client -connect localhost:25 --starttls smtp > > Try with "-starttls" >
Thank you for your suggestion. I really appreciate it. But in the past hour I've just found the cause: fixcrio In my smtp/run file I have: tcpserver -DRUvX -c "$concurrency" -l "`head -1 /var/qmail/control/me`" -x /etc/tcpcontrol/smtp.cdb 0 smtp fixcrio /usr/local/bin/spamdyke -f /etc/spamdyke.d/spamdyke.conf /var/qmail/bin/qmail-smtpd Why is fixiocr here? Well, either I had to add it to make spamdyke work with this particular setup, or it was added by the particular install script I used to install this particular qmail installation. I just don't remember. Unfortunately, fixcrio from ucspi-tcp-0.88 breaks TLS completely (unsurprisingly!). Luckily there is a patch to fixcrio that allows it to support TLS, as seen here: http://www.mail-archive.com/qmail@id.wustl.edu/msg48044.html And applying this makes everything work perfectly, just as it should have done in the first place! Yay! I will experiment with removing fixcrio later. For now I'm just really pleased it all works correctly. _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users