Eric,
Yes, Just the order is changed :
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
On 1/11/07, Eric Shubes <[EMAIL PROTECTED]> wrote:
So your problem is with TLS.
(We had a segfault error a few months back related to STARTTLS. You might
try searching the list archive to see what happened with that, as I don't
recall off hand).
Do you have a servercert.pem file similar to this?
[root]# ls -l /var/qmail/control/servercert.pem
-rw-r----- 1 root vchkpw 2396 Oct 7 10:31 /var/qmail/control/servercert.pem
Don't show it to us, as that would compromise your security.
Does this file look 'normal'? Mine has:
-----BEGIN RSA PRIVATE KEY-----
<snipped the private stuff>
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
<snipped the private stuff>
-----END CERTIFICATE-----
Lazaro Ferreira wrote:
> Yes same error
>
> On 1/11/07, Eric Shubes <[EMAIL PROTECTED]> wrote:
>> What do you get when you issue the STARTTLS command in telnet?
>> Same error, I'm guessing.
>>
>> Lazaro Ferreira wrote:
>> > Hi Eric,
>> >
>> > I have telnet from the same machine using the EHLO command this is the
>> > session info, everything worked OK :
>> >
>> > telnet my_ip 25
>> > Trying my_qmail ...
>> > Connected to my_qmail (qmail_ip).
>> > Escape character is '^]'.
>> > 220 Welcome to ... smtp Server ESMTP
>> > EHLO remote_domain
>> > 250-Welcome to ... smtp Server
>> > 250-STARTTLS
>> > 250-PIPELINING
>> > 250-8BITMIME
>> > 250-SIZE 20971520
>> > 250 AUTH LOGIN PLAIN CRAM-MD5
>> > MAIL FROM:[EMAIL PROTECTED]
>> > 250 ok
>> > RCPT TO:[EMAIL PROTECTED]
>> > 250 ok
>> > DATA
>> > 354 go ahead
>> > Subject:Test
>> >
>> > EHLO works ok from telnet
>> > .
>> > 250 ok 1168529273 qp 18833
>> > quit
>> >
>> >
>> >
>> > On 1/11/07, Lazaro Ferreira <[EMAIL PROTECTED]> wrote:
>> >> Looking more through recordio, I have notice that either remote host
>> >> (out of my ISP) or direct telnet against the qmail smtp server,
>> >> generate a HELO command that works ok, however the emails sent using
>> >> command line "mail" command from our webserver (within our ISP
>> >> network) generate a EHLO command (smtp Authentication I guess) why ?
>> >>
>> >> How can I setup my qmail to override this behaviour ?
>> >>
>> >> Thank you
>> >>
>> >> On 1/11/07, Lazaro Ferreira <[EMAIL PROTECTED]> wrote:
>> >> > Hi Eric,
>> >> >
>> >> > Thank you four your help
>> >> >
>> >> > I've logged on to remote host using ssh, then i have issue a "mail"
>> >> commad
>> >> > below the smtp log file with recordio :
>> >> >
>> >> > @4000000045a64e7f2fa04c84 17952 > 220 Welcome to ... smtp Server
>> ESMTP
>> >> > @4000000045a64e7f2fa4386c 17952 < EHLO remote_host
>> >> > @4000000045a64e7f2fa4b56c 17952 > 250-Welcome to ... smtp Server
>> >> > @4000000045a64e7f2fa4b954 17952 > 250-STARTTLS
>> >> > @4000000045a64e7f2fa4bd3c 17952 > 250-PIPELINING
>> >> > @4000000045a64e7f2fa4d4ac 17952 > 250-8BITMIME
>> >> > @4000000045a64e7f2fa4d894 17952 > 250-SIZE 20971520
>> >> > @4000000045a64e7f2fa4d894 17952 > 250 AUTH LOGIN PLAIN CRAM-MD5
>> >> > @4000000045a64e7f2fb92f9c 17952 < STARTTLS
>> >> > @4000000045a64e7f2fc02cac *** glibc detected *** free(): invalid
>> >> > pointer: 0x00000035520306b8 ***
>> >> > @4000000045a64e7f2fc2cc8c 17952 > [EOF]
>> >> > @4000000045a64e7f2fc32664 tcpserver: end 17952 status 6
>> >> >
>> >> > is the problem related to SMTP Auth ?
>> >> >
>> >> > Thank you
>> >> >
>> >> > Lazaro
>> >> >
>> >> >
>> >> > On 1/11/07, Eric Shubes <[EMAIL PROTECTED]> wrote:
>> >> > > recordio is a neat little program that comes with
>> >> ucspi-tcp-toaster. When
>> >> > > you plug it into the smtp (or any other for that matter) process,
>> >> it records
>> >> > > all of the input/output of the smtp session to the smtp log. Note,
>> >> it can
>> >> > > grow your log quite rapidly on a busy server, so you don't want to
>> >> leave it
>> >> > > on for a long period of time.
>> >> > >
>> >> > > To enable recordio, modify your /var/qmail/supervise/smtp/run file
>> >> as follows:
>> >> > > exec /usr/bin/softlimit -m 12000000 \
>> >> > > /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c
>> >> "$MAXSMTPD" \
>> >> > > -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
>> >> > > /usr/bin/recordio \
>> >> > > $RBLSMTPD $BLACKLIST $SMTPD $VCHKPW /bin/true 2>&1
>> >> > >
>> >> > > Note, we simply added the next to last line here, leaving
>> >> everything else as
>> >> > > is. Then
>> >> > > # qmailctl restart
>> >> > > to restart the smtp process, and run a test. You'll see the
>> >> details of the
>> >> > > smtp session in the smtp log file (current). Once you have a
>> >> sampling,
>> >> > > remove recordio from the run file and restart qmail again to turn
>> >> it off.
>> >> > >
>> >> > > Lazaro Ferreira wrote:
>> >> > > > Hi Eric,
>> >> > > >
>> >> > > > Sorry, I'm new to this, how can I turn on recordio ?
>> >> > > >
>> >> > > >
>> >> > > >
>> >> > > > On 1/11/07, *Eric Shubes* <[EMAIL PROTECTED]
>> >> <mailto:[EMAIL PROTECTED]>> wrote:
>> >> > > >
>> >> > > > Maybe turn on recordio and see what's coming across the
>> >> session?
>> >> > > > Might give
>> >> > > > a clue as to when/why the failure, then may be able
>> >> reproduce it
>> >> > > > using telnet.
>> >> > > >
>> >> > > > Lazaro Ferreira wrote:
>> >> > > > > Hi,
>> >> > > > >
>> >> > > > > Interestingly I can send from these servers using telnet
>> >> qmail_ip 25,
>> >> > > > > but if I try from command line using the command "mail
>> " it
>> >> > > > produces the
>> >> > > > > gcc error
>> >> > > > >
>> >> > > > > Any ideia or guess is welcome ?
>> >> > > > >
>> >> > > > > Regards
>> >> > > > >
>> >> > > > > Lazaro
>> >> > > > >
>> >> > > > > On 1/11/07, *Lazaro Ferreira* <[EMAIL PROTECTED]
>> >> > > > <mailto:[EMAIL PROTECTED]>
>> >> > > > > <mailto:[EMAIL PROTECTED]
>> >> > > > <mailto:[EMAIL PROTECTED]>>> wrote:
>> >> > > > >
>> >> > > > > Hi,
>> >> > > > >
>> >> > > > > This are my gcc versions:
>> >> > > > >
>> >> > > > > glibc-2.3.4-2.25
>> >> > > > > glibc-kernheaders-2.4-9.1.98.EL
>> >> > > > > glibc-common-2.3.4-2.25
>> >> > > > > glibc-2.3.4-2.25
>> >> > > > > glibc-headers-2.3.4-2.25
>> >> > > > > glibc-devel-2.3.4-2.25
>> >> > > > >
>> >> > > > > OS is Centos 4.4
>> >> > > > >
>> >> > > > > Can you give me more details to try the workaround you
>> >> have
>> >> > > > sugested ?
>> >> > > > >
>> >> > > > > I can hardly see any relation between the problem and
>> >> the glibc
>> >> > > > > message but a BUG in QmailToaster
>> >> > > > >
>> >> > > > > Regards
>> >> > > > > Lazaro
>> >> > > > >
>> >> > > > > On 1/11/07, *Jake Vickers* <[EMAIL PROTECTED]
>> >> > > > <mailto:[EMAIL PROTECTED]> <mailto:[EMAIL PROTECTED]
>> >> <mailto:[EMAIL PROTECTED]>>>
>> >> > > > > wrote:
>> >> > > > >
>> >> > > > > Lazaro Ferreira wrote:
>> >> > > > > > Hi,
>> >> > > > > >
>> >> > > > > > We have used Qmail since 2003, without big
>> >> problems, 3 weeks
>> >> > > > > ago we
>> >> > > > > > upgrade the server to the latest version, after
>> >> > > > installing the new
>> >> > > > > > version, the machine start showing the error :
>> >> > > > > >
>> >> > > > > > *** glibc detected *** free(): invalid pointer:
>> >> > > > > 0x00000035520306b8 ***
>> >> > > > > >
>> >> > > > > > and we stop receiving messages to our qmail
>> >> server virtual
>> >> > > > > domain from all
>> >> > > > > > of our servers (web servers), however POP3, and
>> >> sending out
>> >> > > > > seems to work
>> >> > > > > > OK
>> >> > > > > >
>> >> > > > > > Als
>> >> > > > >
>> >> > > > > Hmm. That's usually a gcc compiler issue;
>> hopefully
>> >> > > > someone else
>> >> > > > > can
>> >> > > > > chime in, but maybe use a MALLOC_CHECK env
>> >> variable to get
>> >> > > > > around this....
>> >> > > > > Anyway, what version of glibc do you have? Mine
>> is:
>> >> > > > > [EMAIL PROTECTED] ~]# rpm -qa | grep glibc
>> >> > > > > glibc-2.3.4-2.25
>> >> > > > > glibc-headers-2.3.4-2.25
>> >> > > > > glibc-common-2.3.4-2.25
>> >> > > > > glibc-kernheaders-2.4-9.1.98.EL
>> >> > > > > glibc-devel-2.3.4-2.25
>> >> > > > >
>> >> > > > >
>> >> > > > > I'm running qmail-toaster-10.3-1.3.8 on this
>> >> particular
>> >> > > > machine
>> >> > > > > still
>> >> > > > > without any problems.
>> >> > > > > Also look at 'man malloc' and take note of the
>> bugs
>> >> > > > section; it may
>> >> > > > > offer a bypass to this issue until someone figures
>> >> out
>> >> > > > exactly
>> >> > > > > what it is.
>> >> > > > >
>> >> > > > >
>> >> > > > >
>> >> > > > >
>> >> > > >
>> >> > >
>> >> > >
>> >> > > --
>> >> > > -Eric 'shubes'
>> >> > >
--
-Eric 'shubes'
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
