On 22/06/17 21:48, Ian Zimmerman wrote: > I had some major changes to my setup due to the stack whale.
The what? > Now, receiving from a yahoo user (from a mobile device, I think) results > always in this: > > 2017-06-21 22:23:56 SMTP connection from [66.163.186.85]:34461 (TCP/IP > connection count = 1) > 2017-06-21 22:23:59 TLS error on connection from > sonic318-23.consmr.mail.ne1.yahoo.com [66.163.186.85]:34461 > (gnutls_handshake):\ > A TLS fatal alert has been received. > 2017-06-21 22:23:59 Connection from [66.163.186.85]:33111 refused: too many > connections from that IP address > 2017-06-21 22:24:00 SMTP connection from > sonic318-23.consmr.mail.ne1.yahoo.com [66.163.186.85]:34461 closed by EOF > > There is always the 2nd simultaneous connection from the same host. I have > > smtp_accept_max_per_host = 1 > > I _think_ that is not relevant, but just in case. It's relevant to the second connection you logged being refused (note the port number difference). We can't tell from that info why the first connection had a problem except tat it was TLS-related. Consider cipher-list mismatches, or certificate-verification issues. Run in debug mode and see if you can get more detailed info (problem is, it's the peer cancelling the TLS connection; it may be we don't have any reason at our end). Try using cmdline tools to investigate. > > This is exim 4.89 as shipped with debian stretch, and so linked with > gnutls. Does it seem worthwhile to keep on investigating, or should I > already build my own exim and link it with openssl? No certainty of a better outcome; only a different one :-/ -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
