On 2008-03-10 at 14:56 -0700, [EMAIL PROTECTED] wrote:
> With exim4 pointed at the new smarthost, I see the EHLO from my machine, and
> code 250 (OK) response from the smarthost. However, right after that my
> machine sends a "STARTTLS" command to the smarthost, the smarthost sends
> back a code 220 (Ready to start TLS), at which point it just sits there with
> no further progress. I assume it times out eventually.

Known problem with Exim/GnuTLS on Debian with entropy exhaustion; see /usr/share/doc/exim4/README.Debian.gz -- using hosts_avoid_tls = * on the remote_smtp transport, as Renaud suggested, works around this.

If you never want TLS to the new server, on that server find the "tls_advertise_hosts = *" and remove it.

If Exim is stalling, I believe that suggests that it's trying to generate the Diffie-Hellman parameters itself, which you can avoid by having them created externally. According to README.Debian, you just need to install the "gnutls-bin" package and then the daily cron-job which was nuking the files to let Exim re-create them will instead re-create the fresh parameters itself.

-Phil

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
