> From Ron Gorodetzky Wednesday, July 04, 2007 8:27 PM > > I've never really had the need to tweak default settings too > much though after investigating a bit more, I'm not sure why > not. I'm going to have to reevaluate my other setups. > > These are the settings I've chosen for timeouts. Are they > too ambitious? > command_timeout = 20s > connect_timeout = 20s > data_timeout = 30s > final_timeout = 1m
Yes, too ambitious in my opinion. You will probably quite a few hosts that you connect to that cannot keep up with this. Systems doing callouts may not be able to reply to a RCPT TO or MAIL FROM command in 20 seconds, systems going SMTP-time virus and spam scanning may have delays during the data and final phases. You can't assume that other systems are doing nothing but simply spooling mail to disk. > I found that at least one of the misbehaving messages was > hanging on the > following: > > initializing GnuTLS as a client > generating 512 bit RSA key... > selecting on subprocess pipes > selecting on subprocess pipes > ... > > After searching a bit online, some said to make sure (on > debian) gnutls was installed, or to make sure you don't have > entropy starvation, pregenerating exim.key and exim.crt > files, etc. Nothing seemed to make any difference. So I > decided to just turn off tls for remote_smtp. Like > so: > > hosts_avoid_tls = * > > That seemed to do the trick. I'm not entirely sure why the > other supposed fixes didn't work. I certainly support the > use of tls (I use it for smtp between client apps when I > setup a mail server with > authentication) so it feels odd turning it off. Is it common > practice to leave it on for server to server mail exchange? > Should I expect a lot of rejected mail using this setting? I doubt you will see any rejected mail. Most public mail hosts use TLS on a "best effort" basis and fall back to unencrypted if it is not supported. You may well have an entropy issue. I don't know the specifics of what to do about it on Debian. David -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
