Good news! We just found the issue: it was coming from Norton Antivirus which had an outgoing email scanning feature enabled... grrr!
Thanks all for the help! Best regards, Jerome > -----Message d'origine----- > De : Jerome Louvel > Envoyé : mardi 15 avril 2008 16:48 > À : [email protected] > Cc : Heiko Schlittermann > Objet : RE: [exim] Weird client TLS problem > > > Hi Heiko, > > Thanks for the test idea. > > From my machine: > ---------------- > 220 ssl.schlittermann.de ESMTP Exim 4.68 Tue, 15 Apr 2008 > 16:35:13 +0200 > EHLO colorado > 250-ssl.schlittermann.de Hello m215.net81-67-81.noos.fr [81.67.81.215] > 250-SIZE 52428800 > 250-PIPELINING > 250-AUTH PLAIN LOGIN > 250-STARTTLS > 250 HELP > STARTTLS > 220 TLS go ahead > > From the other machine: > ----------------------- > 220 ssl.schlittermann.de ESMTP Exim 4.68 Tue, 15 Apr 2008 > 16:36:54 +0200 > EHLO Labouelle > 250-ssl.schlittermann.de Hello m215.net81-67-81.noos.fr [81.67.81.215] > 250-SIZE 52428800 > 250-PIPELINING > 250-AUTH PLAIN LOGIN > 250-STARTTLS > 250 HELP > STARTTLS > 454 TLS temporairement indisponible > > > So the problem doesn't seems to come from our Exim machine. > We did a test on Google's SMTP server: > > From my machine: > ---------------- > 220 smtp.google.com ESMTP > EHLO colorado > 250-smtp.google.com Hello m215.net81-67-81.noos.fr > [81.67.81.215], pleased to meet you > 250-ENHANCEDSTATUSCODES > 250-PIPELINING > 250-8BITMIME > 250-SIZE 20000000 > 250-STARTTLS > 250-DELIVERBY > 250 HELP > STARTTLS > 220 2.0.0 Ready to start TLS > > From the other machine: > ----------------------- > 220 smtp.google.com ESMTP > EHLO Labouelle > 250-smtp.google.com Hello m215.net81-67-81.noos.fr > [81.67.81.215], pleased to meet you > 250-ENHANCEDSTATUSCODES > 250-PIPELINING > 250-8BITMIME > 250-SIZE 20000000 > 250-STARTTLS > 250-DELIVERBY > 250 HELP > STARTTLS > 454 TLS temporairement indisponible > > So we have the same issue! So it is not an Exim issue but > probably an issue with the client machine... > > Any idea? Please help! :) > > Best regards, > Jerome > > > -----Message d'origine----- > > De : [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] De la part de Heiko > Schlittermann > > Envoyé : jeudi 10 avril 2008 21:16 > > À : [email protected] > > Objet : Re: [exim] Weird client TLS problem > > > > Jerome Louvel <[EMAIL PROTECTED]> (Do 10 Apr 2008 18:13:49 CEST): > > > > > > > > > I'm not sure I want to go that far yet as I'm still not > > sure about the > > > actual cause. Is a '0' entropy an issue in all cases, or is > > it just an issue > > > for Exim/TLS? > > > > Missing entropy should be a problem for all applications using > > /dev/random. > > > > 'not enought entropy' message, I think, it came from some > > > > other service, > > > > exim just waited for entropy (so I'm not 100% sure for your > > > > case, since > > > > for us exim just waited.... but could be that this > > behaviour changed.) > > > > > > I checked mainlog again and nothing related to the failing > > connection > > > appears. > > > > Did you check it against other servers. You might use our > > (ssl.schlittermann.de). Of course, I won't let you relay, but > > you should > > get a meaningful error message. > > > > Maybe you could start exim in debug mode on some other port > and watch > > the output > > > > exim -d-all+tls -bd -C <testconfig> > > > > -- > > Heiko > > -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
