On 2008-04-15 at 09:37 +0200, Florian Weimer wrote: > Communigate Pro (at least in some versions) does not cope very well > with TLS advertisements. If this server software tries to submit a > message to one of our hosts (which advertises STARTTLS during EHLO), > it aborts the delivery attempt during the TLS handshake. The nasty > part: it immediately retries, at the same MX, leading to the same > failure, probably until the message has expired from the queue.
Can you get any debugging information about what exactly fails? > Is there some sort of configuration hack that could help to address > this problem? I don't want to fall back to SSL 3.0 globally (hich > would solve this particular problem), and sender-specific > configuration is only a last resort. Use ratelimit checks in an acl_smtp_starttls ACL ? Otherwise, parse the logs for the relevant error message occuring more than N times in a given period (look at the shipped ratelimit.pl script for help if needed) and update a file of forbidden STARTTLS senders and use that in combination with tls_advertise_hosts. -Phil -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
