Thanks Eric

The problem, as far as I can tell, isn't compatibility with other older software. It's that my existing library is too ancient to even pull down the 101e version.

I've bitten the bullet and started to build a new toaster, which is something I should have done long ago anyway.

One question for you (and the list): what's an appropriate spec for a qmailtoaster host? I've created a 2GB Linode instance and am starting to build on that, but I could double the memory if necessary. This is for a low-traffic mailserver, handling a good number of domains (30?) but each with only a few active users. It will essentially _only_ be running the toaster, and possibly DNS, but not much more than that.

Thanks again for your help,

Angus




On 2019-06-17 23:06, Eric Broch wrote:
Angus,

Upgrading will not interfere with present ssl library as the 101e
version is installed under a different name and qmail is linked to it.
Every other package will  continue as usual using older version.

Eric

On 6/17/2019 8:10 PM, Angus McIntyre wrote:
Thank you, Eric.

Unfortunately, I've hit a "can't get there from here" situation. Upgrading the SSL library requires a newer version of SSL than I have installed. After aA lot of repo tweaking, I end up with:

   M2Crypto.SSL.SSLError: tlsv1 alert protocol version

I suspect that this is insoluble, and my best bet is to build a new qmailtoaster on a modern version of CentOS. I was hoping to keep this one limping along a little longer, but -- unless you have any other suggestions -- I think I've come to the end of the line.

Thanks,

Angus




On 2019-06-17 09:27, Eric's mail wrote:
https://www.qmailtoaster.org/newopensslclamavcnt50.html [1]

Get Outlook for Android [2]

On Mon, Jun 17, 2019 at 5:40 AM -0600, "Angus McIntyre"
<an...@pobox.com> wrote:

I've recently started getting bounces when trying to send email to
one
particular domain. The errors read:

TLS connect failed:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:
sslv3 alert handshake failure

I'm running a probably fairly elderly version of QMT on CentOS 5
(yes, I
know, I know ...). I assume that what's happening is that the remote

site has disabled support for SSL 3.0 for security reasons, and that

what I need to do is to switch sslv3 off on my server, to prevent it

trying that protocol.

Can anyone confirm that, and remind me what part of my configuration
I
need to change to make that happen?

Thanks,

Angus


---------------------------------------------------------------------
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com


Links:
------
[1] https://www.qmailtoaster.org//newopensslclamavcnt50.html
[2] https://aka.ms/ghei36

---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Reply via email to