> From: spamdyke-users [mailto:spamdyke-users-boun...@spamdyke.org] On
> Behalf Of Alessio Cecchi via spamdyke-users
> For me works fine with:
> tls-level=smtp-no-passthrough
> tls-certificate-file=/var/ssl/wildcard.pem
> and in /var/ssl/wildcard.pem there is a chain like this:
> > openssl s_client -connect localhost:25 --starttls smtp
> Try with "-starttls"

Thank you for your suggestion. I really appreciate it.

But in the past hour I've just found the cause: fixcrio

In my smtp/run file I have:

tcpserver -DRUvX -c "$concurrency" -l "`head -1 /var/qmail/control/me`" -x
/etc/tcpcontrol/smtp.cdb 0 smtp fixcrio /usr/local/bin/spamdyke -f
/etc/spamdyke.d/spamdyke.conf /var/qmail/bin/qmail-smtpd

Why is fixiocr here? Well, either I had to add it to make spamdyke work with
this particular setup, or it was added by the particular install script I
used to install this particular qmail installation. I just don't remember.

Unfortunately, fixcrio from ucspi-tcp-0.88 breaks TLS completely

Luckily there is a patch to fixcrio that allows it to support TLS, as seen
here: http://www.mail-archive.com/qmail@id.wustl.edu/msg48044.html

And applying this makes everything work perfectly, just as it should have
done in the first place! Yay!

I will experiment with removing fixcrio later. For now I'm just really
pleased it all works correctly.

spamdyke-users mailing list

Reply via email to