On 2017-02-04 at 10:26 -0700, The Doctor wrote: > Looks as if there is an issue sending mail between the server > using SSL that I had to revert back to Exim 4.88 > > Using FreeBSD 11.
As bug-reports go, this one is somewhat lacking. I ask you to put yourself in my shoes: what could I reasonably do to proceed, based upon what you've said here? Please read: http://www.chiark.greenend.org.uk/~sgtatham/bugs.html The mailhub for spodhuis.org is FreeBSD 10.3 and running Exim 4.89RC2. When I send mail out as [email protected] it flows to the exim.org mailhub, authenticating the TLS certificate using DANE (DNSSEC in use with TLSA) and authenticating (SMTP AUTH with CRAM-MD5) within that session, before sending the message using CHUNKING. spodhuis.org mailhub is within a Jail environment with IPv4/IPv6 dualstack connectivity, choosing IPv6 to reach the exim.org mailhub. TLS fields from mainlog for such a delivery: X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=dane DN="/CN=mx.exim.org" Exim 4.89's -d -bV library linkage information: Library version: OpenSSL: Compile: OpenSSL 1.0.2k 26 Jan 2017 Runtime: OpenSSL 1.0.2k 26 Jan 2017 : built on: reproducible build, date unspecified Relevant lines from Local/Makefile: SUPPORT_TLS=yes USE_OPENSSL_PC=openssl So Exim on FreeBSD 10.3 with OpenSSL supplied by Ports (openssl-1.0.2k,1; local Poudriere build), things work fine. How was your Exim 4.89RC2 built? What was the library linkage (ldd output? "exim -d-all+tls --version") What was the error seen? ------------8< Success Report: FreeBSD 10.3 Exim 4.89RC2 >8------------- # exim -d-all+tls --version Exim version 4.89 #2 built 05-Feb-2017 03:20:00 Copyright (c) University of Cambridge, 1995 - 2017 (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2017 Probably Berkeley DB version 1.8x (native mode) Support for: crypteq iconv() IPv6 use_setclassresources OpenSSL Content_Scanning DKIM DNSSEC Event OCSP TCP_Fast_Open Experimental_QUEUEFILE Experimental_DANE Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb passwd sqlite Authenticators: cram_md5 dovecot heimdal_gssapi plaintext tls Routers: accept dnslookup ipliteral manualroute queryprogram redirect Transports: appendfile/maildir autoreply lmtp pipe queuefile smtp Fixed never_users: 0 Configure owner: 0:0 Size of off_t: 8 Compiler: CLang [3.4.1 (tags/RELEASE_34/dot1-final 208032)] Library version: OpenSSL: Compile: OpenSSL 1.0.2k 26 Jan 2017 Runtime: OpenSSL 1.0.2k 26 Jan 2017 : built on: reproducible build, date unspecified Library version: Heimdal: Runtime: Heimdal 7.1.0 Build Info: @(#)$Version: Heimdal 7.1.0 by root on builds.spodhuis.org (amd64-portbld-freebsd10.3) Fri Jan 6 04:34:17 UTC 2017 $ Library version: PCRE: Compile: 8.40 Runtime: 8.40 2017-01-11 Library version: SQLite: Compile: 3.16.2 Runtime: 3.16.2 WHITELIST_D_MACROS unset TRUSTED_CONFIG_LIST: "/etc/exim/trusted_configs" Exim version 4.89 uid=0 gid=0 pid=61133 D=8000000 tls_require_ciphers expands to "ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!MD5:!RC4:!aNULL:!ADH:!DES:!EXP:!NULL:!aNULL:!eNULL" tls_validate_require_cipher child 61134 ended: status=0x0 openssl option, adding from 1100000: 1000000 (no_sslv2 +no_sslv3) openssl option, adding from 1100000: 2000000 (no_sslv3) configuration file is /etc/exim/exim.conf log selectors = 0000fffe 1ebf6faa cwd=/root 3 args: exim -d-all+tls --version trusted user admin user Configuration file is /etc/exim/exim.conf ------------8< Success Report: FreeBSD 10.3 Exim 4.89RC2 >8-------------
signature.asc
Description: Digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
