On 2014-03-03, Tony Finch <[email protected]> wrote: > I have receved a number of reports recently of TLS interop probblems > between Exim+OpenSSL and Exim+GnuTLS. Is anyone else seeing anything > similar?
McAfee email firewall appliances also hate gnutls. But retrying delivery (sometimes more than 20 times) is sufficient to get success. > GnuTLS clients connecting to send mail see something like: > > 2014-02-27 15:50:14 1WJ2vo-0004Gf-4W > TLS error on connection to ppsw.cam.ac.uk [131.111.8.137] (recv): > A TLS fatal alert has been received.: Bad record MAC Coming from the gnutls side that's what I'm seeing. > There are some suggestions online that this might be related to GnuTLS's > random record padding, but I thought the problems with that had been > fixed. I am no wiser. Except that retrying always works if done enough. This points towards something variable. -- Neither the pheasant plucker, nor the pheasant plucker's son. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
