Hi Timo, I've tried amavisd 2.8.2 rc1, and I've a problem with TLS. Here the relevant conf in amavisd.conf: $tls_security_level_in = 'encrypt'; # undef, 'may', 'encrypt', ... $tls_security_level_out = 'encrypt'; $smtpd_tls_cert_file = '/etc/amavisd/mailstorm3.spamguard.fr-cert.pem'; $smtpd_tls_key_file = '/etc/amavisd/mailstorm3.spamguard.fr-key.pem';
And I've got these in mail.log: Oct 13 12:21:55 smtp01 amavis[15005]: (15005-01) (!!)Error on socket: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed\n Oct 13 12:21:55 smtp01 amavis[15005]: (15005-01) mail_via_smtp: session failed: Error upgrading socket to SSL: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/sbin/amavisd line 7734. Oct 13 12:21:55 smtp01 amavis[15005]: (15005-01) (!)SEND from <> -> <[email protected]>, 451 4.5.0 From MTA() during fwd-connect (Error upgrading socket to SSL: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/sbin/amavisd line 7734.): id=15005-01 Oct 13 12:21:55 smtp01 amavis[15005]: (15005-01) (!!)TROUBLE in check_mail: quar+notif FAILED: temporarily unable to quarantine: 451 4.5.0 From MTA() during fwd-connect (Error upgrading socket to SSL: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/sbin/amavisd line 7734.): id=15005-01 at /usr/sbin/amavisd line 15591. Oct 13 12:21:55 smtp01 amavis[15005]: (15005-01) (!)PRESERVING EVIDENCE in /var/amavis/tmp/amavis-20131013T122154-15005-N4LueMVr Oct 13 12:21:55 smtp01 amavis[15005]: (15005-01) size: 14475, TIMING [total 384 ms] - sql-prepare: 1.6 (0%)0, SMTP greeting: 0. It seems happening since the perl module *IO::Socket::SSL *upgrade from 1.76 to 1.95 _I've tried to downgrade amavisd to 2.8.1 and it's still the same._ some version information: Debian testing amavisd-new-2.8.2-rc1 (20130904) OpenSSL 1.0.1e 11 Feb 2013 Oct 13 12:21:16 smtp01 amavis[14988]: starting. /usr/sbin/amavisd at mailstorm3.spamguard.fr amavisd-new-2.8.2-rc1 (20130904), Unicode aware, LANG="en_GB" Oct 13 12:21:16 smtp01 amavis[14988]: perl=5.018001, user=, EUID: 1002 (1002); group=, EGID: 1002 1002 (1002 1002) Oct 13 12:21:16 smtp01 amavis[14988]: INFO: no optional modules: unicore::lib::Nt::De.pl Unix::Getrusage /etc/mail/spamassassin/crm114.pm auto/POSIX/SigAction/new.al unicore/lib/Nt/De.pl Oct 13 12:21:16 smtp01 amavis[14988]: SpamControl: scanner SpamAssassin, module Amavis::SpamControl::SpamAssassin Oct 13 12:21:16 smtp01 amavis[14988]: SpamControl: scanner DSPAM, module Amavis::SpamControl::ExtProg Oct 13 12:21:16 smtp01 amavis[14988]: SpamControl: init_pre_chroot on SpamAssassin done Oct 13 12:21:16 smtp01 amavis[14988]: socket module IO::Socket::INET6, protocol families available: INET, INET6 Oct 13 12:21:16 smtp01 amavis[14988]: bind to /var/amavis/amavisd.sock|unix, 87.98.168.176:10024/tcp, 87.98.168.176:10026/tcp, 87.98.168.176:9998/tcp, 87.98.168.176:10028/tcp, 87.98.168.176:10023/tcp, 87.98.168.176:10022/tcp, 87.98.168.176:10021/tcp, 87.98.168.176:10020/tcp, 87.98.168.176:10019/tcp, 87.98.168.176:10018/tcp, 87.98.168.176:10017/tcp, 87.98.168.176:10016/tcp, 87.98.168.176:10015/tcp Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Process Backgrounded Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: 2013/10/13-12:21:16 Amavis (type Net::Server::PreForkSimple) starting! pid(14995) Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to UNIX socket file "/var/amavis/amavisd.sock" Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10024 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10026 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 9998 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10028 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10023 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10022 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10021 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10020 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10019 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10018 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10017 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10016 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Binding to TCP port 10015 on host 87.98.168.176 with IPv4 Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: Group Not Defined. Defaulting to EGID '1002 1002' Oct 13 12:21:16 smtp01 amavis[14995]: Net::Server: User Not Defined. Defaulting to EUID '1002' Oct 13 12:21:16 smtp01 amavis[14995]: config files read: /etc/amavisd.conf Oct 13 12:21:16 smtp01 amavis[14995]: Module Amavis::Conf 2.319 Oct 13 12:21:16 smtp01 amavis[14995]: Module Archive::Zip 1.30 Oct 13 12:21:16 smtp01 amavis[14995]: Module BerkeleyDB 0.53 Oct 13 12:21:16 smtp01 amavis[14995]: Module Compress::Raw::Zlib 2.062 Oct 13 12:21:16 smtp01 amavis[14995]: Module Compress::Zlib 2.062 Oct 13 12:21:16 smtp01 amavis[14995]: Module Crypt::OpenSSL::RSA 0.28 Oct 13 12:21:16 smtp01 amavis[14995]: Module DBD::mysql 4.024 Oct 13 12:21:16 smtp01 amavis[14995]: Module DBI 1.628 Oct 13 12:21:16 smtp01 amavis[14995]: Module DB_File 1.827 Oct 13 12:21:16 smtp01 amavis[14995]: Module Digest::MD5 2.52 Oct 13 12:21:16 smtp01 amavis[14995]: Module Digest::SHA 5.85 Oct 13 12:21:16 smtp01 amavis[14995]: Module Encode 2.49 Oct 13 12:21:16 smtp01 amavis[14995]: Module File::Temp 0.2302 Oct 13 12:21:16 smtp01 amavis[14995]: Module IO::Socket::INET6 2.69 Oct 13 12:21:16 smtp01 amavis[14995]:*Module IO::Socket::SSL 1.954* Oct 13 12:21:16 smtp01 amavis[14995]: Module MIME::Entity 5.503 Oct 13 12:21:16 smtp01 amavis[14995]: Module MIME::Parser 5.503 Oct 13 12:21:16 smtp01 amavis[14995]: Module MIME::Tools 5.503 Oct 13 12:21:16 smtp01 amavis[14995]: Module Mail::DKIM::Signer 0.4 Oct 13 12:21:16 smtp01 amavis[14995]: Module Mail::DKIM::Verifier 0.4 Oct 13 12:21:16 smtp01 amavis[14995]: Module Mail::Header 2.12 Oct 13 12:21:16 smtp01 amavis[14995]: Module Mail::Internet 2.12 Oct 13 12:21:16 smtp01 amavis[14995]: Module Mail::SPF v2.009 Oct 13 12:21:16 smtp01 amavis[14995]: Module Mail::SpamAssassin 3.004000 Oct 13 12:21:16 smtp01 amavis[14995]: Module Net::DNS 0.72 Oct 13 12:21:16 smtp01 amavis[14995]: Module Net::SSLeay 1.55 Oct 13 12:21:16 smtp01 amavis[14995]: Module Net::Server 2.007 Oct 13 12:21:16 smtp01 amavis[14995]: Module NetAddr::IP 4.071 Oct 13 12:21:16 smtp01 amavis[14995]: Module Razor2::Client::Version 2.84 Oct 13 12:21:16 smtp01 amavis[14995]: Module Scalar::Util 1.27 Oct 13 12:21:16 smtp01 amavis[14995]: Module Socket 2.011 Oct 13 12:21:16 smtp01 amavis[14995]: Module Socket6 0.23 Oct 13 12:21:16 smtp01 amavis[14995]: Module Time::HiRes 1.9726 Oct 13 12:21:16 smtp01 amavis[14995]: Module URI 1.60 Oct 13 12:21:16 smtp01 amavis[14995]: Module Unix::Syslog 1.1 Thank for your help ! Best regards, Tonio
