If people want qmail-dk (ssl) and have already installed the update
(qmail version 1.03-1.3.24) you can do the following to get qmail-dk
working with ssl/crypto:
(i686)
# rpm -Uvh
ftp://ftp.qmailtoaster.org/pub/repo/qmt/CentOS/5/testing/i386/libdomainkeys-toaster-0.68-1.3.7.i686.rpm
# rpm -ivh --replacefiles --replacepkgs
ftp://ftp.qmailtoaster.org/pub/repo/qmt/CentOS/5/testing/i386/qmail-toaster-1.03-1.3.24.i686.rpm
(x86_64)
# rpm -Uvh
ftp://ftp.qmailtoaster.org/pub/repo/qmt/CentOS/5/testing/x86_64/libdomainkeys-toaster-0.68-1.3.7.x86_64.rpm
# rpm -ivh --replacefiles --replacepkgs
ftp://ftp.qmailtoaster.org/pub/repo/qmt/CentOS/5/testing/x86_64/qmail-toaster-1.03-1.3.24.x86_64.rpm
If you haven't installed qmail-toaster ssl update (version 1.03-1.3.24)
follow instruction here: https://www.qmailtoaster.org/newopensslcnt50.html
On 7/5/2018 10:58 AM, Brian Ghidinelli wrote:
FWIW, I did not update my qmail-dk binary. I was hypothesizing it was
only used to sign, not to communicate, and therefore the version of
openssl didn't matter. I might be wrong, but I'm still sending mail?
Brian
On 7/5/18 06:38, South Computers wrote:
Interestingly, this broke DKIM.
I don't have the time to look further right now, but disabled dk for
the time being, and it's working.
Was getting this in smtp/current when trying to send mail:
@400000005b3e1a821e069b7c qmail-dk:[3870]: Dying due to a POSSIBLE BUG!
etc...
South Computers wrote:
Also mostly a lurker these days, but wanted to chime in and give a
big thanks as well Eric.
Much appreciate all your work to keep this going.
Scott
Also, if anyone else has neglected to keep their toaster up to date
and needs to manually install the epel repo, at least for x86 on COS5:
wget
http://dl.fedoraproject.org/pub/archive/epel/5/i386/epel-release-5-4.noarch.rpm
rpm -Uhv epel-release-5-4.noarch.rpm
Eric Broch wrote:
Instructions for setting up greater than openssl-0.9.8 CentOS 5,
minimal testing done. This is done with openssl-1.01e
https://www.qmailtoaster.org/newopensslcnt50.html
Eric
On 6/29/2018 4:51 AM, Peter Peltonen wrote:
Great, thanks for sharing!
One question:
Eric had produced an RPM for qmail 1.03-1.3.23.i386 with the CNAME
lookups removed.
Yours is 1.03-1.3.22 and with CNAME lookups enabled I assume.
How would one migrate the changes you did to Eric's version, as I
would like to have both: newer TLS support + CNAME lookups removed?
Best,
Peter
On Fri, Jun 29, 2018 at 10:34 AM, Eric Broch
<ebr...@whitehorsetc.com> wrote:
Thanks, Brian!!!
On 6/29/2018 1:32 AM, Brian Ghidinelli wrote:
Good news - I seemed to have solved this. It's a combo of these
old notes
from 2011 and an upgraded openssl:
http://www.ghidinelli.com/2011/10/20/october-qmail-follow-up
I'm attaching my modified qmail-toaster.spec from 1.3.21. I
installed
openssl-1.0.2o from source on CentOS 5 and linked:
/usr/include/openssl -> /usr/local/ssl/include/openssl/
Then I rebuilt the RPM:
rpmbuild -bb --target i686 --with cnt50
/usr/src/redhat/SPECS/qmail-toaster.spec
This generated the RPM. I extracted the files:
rpm2cpio qmail-toaster-1.03-1.3.22.i686.rpm | cpio -idmv
I backed up my existing qmail-smtpd and qmail-remote.orig, and
copied
the new binaries over (from /usr/src/redhat/RPMS/i686/var/qmail/bin
where cpio extracted them to)
And then tested with checktls.com and everything shows TLS 1.2
now. *whew*
This buys us a little time to complete a migration. Hope this
helps someone
else!
Brian
On 6/27/18 09:09, Eric Broch wrote:
Have a look at this thread:
https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg41029.html
IMHO, there were to many packages that were dependent on
openssl-9.8 on the
CentOS 5 box to make this practical.
---------------------------------------------------------------------
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
--
Eric Broch
White Horse Technical Consulting (WHTC)
---------------------------------------------------------------------
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
--
Eric Broch
White Horse Technical Consulting (WHTC)
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
