Hi again! Thanks, so I have changed, but it does not seem to be due to chipper standards because it keeps on failing.
How do I verbose log this error: Apr-20-16 21:27:33 m1-80421-01564 [Worker_2] [TLS-in] [TLS-out] x.x.x.x <s...@email.nu> to: m...@email.com [SMTP Status] 451 Requested action aborted: local error in processing Apr-20-16 21:27:33 m1-80421-01564 [Worker_2] [TLS-in] x.x.x.x <s...@email.nu> to: m...@email.com info: file notspam/1564--994898.eml was deleted - reason: MTA closed connection I would like to see the local error that makes the MTA close down. I have tried some different hardware (stationary, laptops, mobile devices) with different software (thunderbird, apples mail and so on) with different type of connectivity (fiber, mobile, cable). But every now and then this happen and it's not only when sending an attatchment (just learned that) like I thought before. Regards, Pontus -----Original Message----- From: Grayhat [mailto:gray...@gmx.net] Sent: den 12 april 2016 14:57 To: assp-test@lists.sourceforge.net Subject: Re: [Assp-test] TLS problems of connectivity? :: On Tue, 12 Apr 2016 11:23:57 +0200 :: <tITC.2910a237aa.OF5E0A2321.7456B3CF-ONC1257F93.003256A3-C1257F93.0033A659@t hockar.com> :: Thomas Eckardt <thomas.ecka...@thockar.com> wrote: > SSL_version:=SSLv2/3:!SSLv3:!SSLv2 > SSL_cipher_list:=DEFAULT:!aNULL:!RC4:!MD5 in case someone is interested, here's my config (watch the wrap) DoTLS := do TLS SSL_version := SSLv23:!SSLv3:!SSLv2 SSL_cipher_list := kEECDH+ECDSA:kEECDH:kEDH:HIGH:+SHA:+RC4:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD kEECDH+5:!EXP:!DSS:!PSK:!SRP:!kECDH:!CAMELLIA128:!IDEA:!SEED the above prioritizes strong ciphers while allowing a graceful fallback to weaker ones to mantain support for obsolete clients; it's serving me well and I feel like I can recommend it; the resulting ciphers offered by ASSP with the above config will then be the following Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 Accepted TLSv1.2 256 bits AES256-GCM-SHA384 Accepted TLSv1.2 256 bits AES256-SHA256 Accepted TLSv1.2 128 bits AES128-GCM-SHA256 Accepted TLSv1.2 128 bits AES128-SHA256 Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA Accepted TLSv1.2 256 bits AES256-SHA Accepted TLSv1.2 256 bits CAMELLIA256-SHA Accepted TLSv1.2 128 bits AES128-SHA Accepted TLSv1.2 128 bits ECDHE-RSA-RC4-SHA Accepted TLSv1.2 128 bits RC4-SHA Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA Accepted TLSv1.1 256 bits AES256-SHA Accepted TLSv1.1 256 bits CAMELLIA256-SHA Accepted TLSv1.1 128 bits AES128-SHA Accepted TLSv1.1 128 bits ECDHE-RSA-RC4-SHA Accepted TLSv1.1 128 bits RC4-SHA Preferred TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA Accepted TLSv1.0 256 bits DHE-RSA-CAMELLIA256-SHA Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA Accepted TLSv1.0 256 bits AES256-SHA Accepted TLSv1.0 256 bits CAMELLIA256-SHA Accepted TLSv1.0 128 bits AES128-SHA Accepted TLSv1.0 128 bits ECDHE-RSA-RC4-SHA Accepted TLSv1.0 128 bits RC4-SHA as you see, the ciphers allow to fallback all the way down to RC4-SHA so allowing even really obsolete clients to connect over SSL; at the same time, the preferred ciphers are the strongest one offered, this means that up-to-date clients will have strong security HTH ---------------------------------------------------------------------------- -- Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
