James Price wrote: > On 5/7/2010 5:15 PM, James Brown wrote: > >> OS 8.0-STABLE FreeBSD , exim v. 4.71 >> I am trying to customize my exim-server setting up on my vds. >> I have uncommented the next recordes in its configs: >> daemon_smtp_port = 25:465 >> tls_certificate = CONFDIR/certificate.crt >> tls_privatekey = CONFDIR/certificate.key >> tls_on_connect_ports = 465 >> and restarted my server. >> After that I have tried to send testing letters from my client on my >> local PC (Icedove 2.0.0.24 under Debian Lenny) but it wrote me that >> server was failed or refusing connections. (In the same time I could >> send email letters through the port n. 25 without tls/ssl). >> The log file of my server are attached. >> ls -l /usr/local/etc/server.key >> -r-------- 2 root wheel 887 Jan 1 1970 /usr/local/etc/server.key >> ls -l /usr/local/sbin/exim >> lrwxrwxrwx 1 root wheel 11 Apr 29 10:04 /usr/local/sbin/exim -> >> exim-4.71-0 >> ls -l /usr/local/sbin/exim-4.71-0 >> -rwsr-xr-x 2 root wheel 934792 Jan 1 1970 /usr/local/sbin/exim-4.71-0 >> Does the exim daemon cannot have access to key-file? >> >> >> > From the looks of this, it appears whatever user you're running exim > under does not have permission to open the key file, of course unless > you're running exim as root which certainly should have permissions > based on what you supplied. I would change the owner of the key and > cert file to the same user you're running exim under restart the daemon > and you should be good. > > Thanks, > James > > Very thanks. My exim works under user /mailnull : ps aux | grep exim mailnull 89386 0.0 0.0 21120 3708 ?? IsJ 1:17AM 0:00.02 /usr/local/sbin/exim -bd -q30m (exim-4.71-0)
/And key-file belong to root. But as it was specified earlier //usr/local/sbin/exim /had a setuid bit. Why exim cannot read that file in spite of that? Of course, I can change user of that file, but is it safely to user mailnull as an oowner of that key-file? Futhermore, that used not only exim but dovecot too that works under users root and dovecot: ps aux | grep dovecot root 9987 0.0 0.0 6972 1528 ?? SsJ 9:06AM 0:02.81 /usr/local/sbin/dovecot -c /usr/local/etc/dovecot.conf root 10010 0.0 0.0 9024 2280 ?? SJ 9:06AM 0:01.57 dovecot-auth dovecot 10121 0.0 0.0 10836 2580 ?? IJ 9:06AM 0:00.01 imap-login dovecot 73120 0.0 0.0 10840 2704 ?? IJ 8:35AM 0:00.00 pop3-login dovecot 73121 0.0 0.0 10840 2704 ?? IJ 8:35AM 0:00.00 pop3-login Is it possible to it read that file foo? Or it will be simpler to me copy key-file in config-direcotry of exim changing user in the same time and use it for exim separatly? Yours, James -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
