I don't see how it could matter, so long as you have valid values in
there. It's just a text file.
Do you mind sharing which ciphers you needed to add to accomodate which
mail server on the other end?
Of course the same mail server software on the other end could be
configured differently from one host to the next. It's a little
suspicious to me though that the only ciphers available are insecure
ones. It's also possible though that the other server quit trying after
the first one failed. Python had a similar problem with this (not
checking alternative authentication methods after failing the first)
before I reported the behavior as a bug, which was subsequently fixed.
Thanks.
--
-Eric 'shubes'
On 10/13/2014 06:47 PM, Rajesh M. wrote:
thanks very much eric
i simply backed up the tlsserverciphers and edited the existing tlsserverciphers
it worked.
i hope it does not matter if do not create the new tlsserverciphers.dist file
rajesh
----- Original Message -----
From: Eric Shubert [mailto:[email protected]]
To: [email protected]
Sent: Mon, 13 Oct 2014 17:09:42 -0700
Subject: [qmailtoaster] Re: tls connect errors : extremely urgent
The cert's probably ok. I'm guessing that the destination server can't
handle the more secure ciphers that are being used now (the newer QMT is
hardened a bit security wise).
Try this:
# cd /var/qmail/control
# mv tlsserverciphers tlsserverciphers.qmt
# ln -s tlsserverciphers.dist tlsserverciphers
You might need to restart qmail after doing this. That should put you
back to the older more permissive (and insecure) ciphers.
You may or may not have a tlsciphers.dist file. If you don't, I've
attached one from my COS6 QMT (although I don't use it - I use the more
secure one).
Let us know if that does it for you.
Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]