On Fri, 31 Aug 2007 13:58:07 +0200
Stefan Priebe <[EMAIL PROTECTED]> wrote:

> To 4.) perhaps the new instance also solves this problem. I don't
> remember the failure - I only know that it was TLS related. And the
> connection fails after TLS command.

It does not solve it, it seems to be a problem with the SSL socket. We can't close it properly with
  $ssl_sock->close(SSL_no_shutdown => 1, SSL_ctx_free => 1);
The child would have no socket to talk to the next client... Downgrading to clear text doesn't seem to be supported by IO::Socket::SSL. I guess that -async would have the same problem (if SSL would be possible).

For now it seems like the only solution is to exit the process if SSL and non-SSL connections are used on the same port (STARTTLS), preferably not in hook_disconnect() but in hook_post_connection(), see attached diff. With SSL-only connections on port 465 everything works fine for me.

        Hanno
Index: plugins/tls =================================================================== --- plugins/tls (revision 784) +++ plugins/tls (working copy) @@ -151,6 +151,23 @@ return DECLINED; } +# work-around for failed connections in -prefork after STARTTLS connection: +sub hook_post_connection { + my $self = shift; + + return (DECLINED) + unless $self->qp->isa('Qpsmtpd::SMTP::Prefork'); + + return (DECLINED) + if $self->qp->connection->local_port == 465; + + if ($self->connection->notes('tls_enabled')) { + $self->log(LOGWARN, "Exiting, because 'tls_enabled' was true."); + exit; + } + return(DECLINED); +} + sub _convert_to_ssl { my ($self) = @_;
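Review bot: the bare `exit;` in `hook_post_connection` ends the child from inside a plugin hook, so any post_connection hook ordered after the tls plugin would not run for that connection; consider returning DECLINED and letting the prefork loop retire the child once the hook chain has finished, or document that tls must be the last plugin registering this hook. The exemption `local_port == 465` is hard-coded, so an SSL-only listener on any other port is not exempted by this check; a config value or a connection note set when the socket was SSL from the start would be more robust. The hook also reaches the connection two ways (`$self->qp->connection` for the port, `$self->connection` for the note); use one accessor throughout. LOGWARN on every STARTTLS session will be noisy if this is the expected path, a lower level such as LOGINFO may fit better.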