Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver
Michael Colvin wrote: If you won't want to pay $15, don't want to contact the other server's admin, or you can't just get that domain's hosting yourself, you might consider setting up another qmail server w/o tls, possibly on a virtual machine or something, and use smtproutes on your main server, to send to that new qmail server, that will then forward it to the current hosts server, without tls. Basically, build your own proxy server for this one domain...Seems like a waste of time, but it's better than $15 a month for someone elses proxy server. :-) I like the idea of just getting them to host with you instead, and point out why they should. As Eric said, it doesn't look like their current host knows what's up. Mike IIRC (haven't tried this in a long time, not sure of the patch has changed or not) if you remove either the servercert.pem or the tlsserverciphers file it should stop trying to use TLS. - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] TLS_connect_failed: Plesk mailserver
My user complain cant sent email to domain pegasusinsurindo.com when I check on send log this is error 08-28 19:09:05 delivery 243: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_72.4.126.254./ already search on archive and google and only got this similar. http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e-workaround-and-fix/ but I am not using openssl 0.9.8e and from http://forum.parallels.com/printthread.php?t=52543 which I quote Does anybody know of a way to prevent Qmail from attempting a STARTTLS when sending to a server advertising STARTTLS capability? I am using centos 4.6 my toaster package is: [r...@server2 send]# rpm -qa | grep toaster libdomainkeys-toaster-0.68-1.3.3 courier-authlib-toaster-0.59.2-1.3.6 ezmlm-toaster-0.53.324-1.3.3 maildrop-toaster-2.0.3-1.3.5 squirrelmail-toaster-1.4.9a-1.3.6 simscan-toaster-1.3.1-1.3.6 daemontools-toaster-0.76-1.3.3 vpopmail-toaster-5.4.17-1.3.4 libsrs2-toaster-1.0.18-1.3.3 qmail-pop3d-toaster-1.03-1.3.15 courier-imap-toaster-4.1.2-1.3.7 control-panel-toaster-0.5-1.3.4 ezmlm-cgi-toaster-0.53.324-1.3.3 qmailmrtg-toaster-4.2-1.3.3 maildrop-toaster-devel-2.0.3-1.3.5 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailtoaster-plus.repo-0.1-1 spamassassin-toaster-3.2.5-1.3.17 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 isoqlog-toaster-2.1-1.3.4 qmailtoaster-plus-0.3.1-1.4.11 clamav-toaster-0.95.2-1.3.29 my openssl version is [r...@server2 send]# rpm -qa | grep openssl openssl-0.9.7a-43.17.el4_6.1 xmlsec1-openssl-1.2.6-3 openssl096b-0.9.6b-22.46 openssl-devel-0.9.7a-43.17.el4_6.1 does anyone can execute the below command on his box? below output is the result on my end. openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug CONNECTED(0003) read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37)) - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e 220 239152-app3. 0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63 239152-app3.dotc 0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20 omindonesia.com 0030 - 45 53 4d 54 50 0d 0a ESMTP.. write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA)) - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13)) - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c 220 ready for tl 0010 - 73 0d 0a s.. write to 09D43330 [09D43378] (142 bytes = 142 (0x8E)) - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ..c... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.f. 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .c.. 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...@ 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`... 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56 ...V 0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96 .?..n.88C.y. 0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{ read from 09D43330 [09D488D8] (7 bytes = 7 (0x7)) - 15 03 01 00 02 02 28 ..( 9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470: thanks before for the responde - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver
PakOgah wrote: My user complain cant sent email to domain pegasusinsurindo.com when I check on send log this is error 08-28 19:09:05 delivery 243: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_72.4.126.254./ already search on archive and google and only got this similar. http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e-workaround-and-fix/ but I am not using openssl 0.9.8e and from http://forum.parallels.com/printthread.php?t=52543 which I quote Does anybody know of a way to prevent Qmail from attempting a STARTTLS when sending to a server advertising STARTTLS capability? I am using centos 4.6 my toaster package is: [r...@server2 send]# rpm -qa | grep toaster libdomainkeys-toaster-0.68-1.3.3 courier-authlib-toaster-0.59.2-1.3.6 ezmlm-toaster-0.53.324-1.3.3 maildrop-toaster-2.0.3-1.3.5 squirrelmail-toaster-1.4.9a-1.3.6 simscan-toaster-1.3.1-1.3.6 daemontools-toaster-0.76-1.3.3 vpopmail-toaster-5.4.17-1.3.4 libsrs2-toaster-1.0.18-1.3.3 qmail-pop3d-toaster-1.03-1.3.15 courier-imap-toaster-4.1.2-1.3.7 control-panel-toaster-0.5-1.3.4 ezmlm-cgi-toaster-0.53.324-1.3.3 qmailmrtg-toaster-4.2-1.3.3 maildrop-toaster-devel-2.0.3-1.3.5 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailtoaster-plus.repo-0.1-1 spamassassin-toaster-3.2.5-1.3.17 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 isoqlog-toaster-2.1-1.3.4 qmailtoaster-plus-0.3.1-1.4.11 clamav-toaster-0.95.2-1.3.29 my openssl version is [r...@server2 send]# rpm -qa | grep openssl openssl-0.9.7a-43.17.el4_6.1 xmlsec1-openssl-1.2.6-3 openssl096b-0.9.6b-22.46 openssl-devel-0.9.7a-43.17.el4_6.1 does anyone can execute the below command on his box? below output is the result on my end. openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug CONNECTED(0003) read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37)) - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e 220 239152-app3. 0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63 239152-app3.dotc 0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20 omindonesia.com 0030 - 45 53 4d 54 50 0d 0a ESMTP.. write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA)) - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13)) - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c 220 ready for tl 0010 - 73 0d 0a s.. write to 09D43330 [09D43378] (142 bytes = 142 (0x8E)) - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ..c... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.f. 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .c.. 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...@ 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`... 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56 ...V 0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96 .?..n.88C.y. 0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{ read from 09D43330 [09D488D8] (7 bytes = 7 (0x7)) - 15 03 01 00 02 02 28 ..( 9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470: thanks before for the responde I get the same failure with CentOS5.3, all up to date packages. So upgrading isn't going to fix this. I don't believe this is a problem on your end, and I don't know of a workaround either. You could try dyndns.org's outbound mailhop service ($15/yr). You would route mail for that domain via dyndns.org using smtproutes. Their mailhop servers might not fare any better though. I would contact the mail administrator at pegasus (dotcomindonesia.com) to see if you can't help with fixing their server. Better yet, offer to host pegasus's email for them, as their provider doesn't appear to have the most reliable system. ;) -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] TLS_connect_failed: Plesk mailserver
If you won't want to pay $15, don't want to contact the other server's admin, or you can't just get that domain's hosting yourself, you might consider setting up another qmail server w/o tls, possibly on a virtual machine or something, and use smtproutes on your main server, to send to that new qmail server, that will then forward it to the current hosts server, without tls. Basically, build your own proxy server for this one domain...Seems like a waste of time, but it's better than $15 a month for someone elses proxy server. :-) I like the idea of just getting them to host with you instead, and point out why they should. As Eric said, it doesn't look like their current host knows what's up. Mike -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: Friday, August 28, 2009 10:13 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver PakOgah wrote: My user complain cant sent email to domain pegasusinsurindo.com when I check on send log this is error 08-28 19:09:05 delivery 243: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:ssl v3_alert_handshake_failure;_connected_to_72.4.126.254./ already search on archive and google and only got this similar. http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e- workaround-and-fix/ but I am not using openssl 0.9.8e and from http://forum.parallels.com/printthread.php?t=52543 which I quote Does anybody know of a way to prevent Qmail from attempting a STARTTLS when sending to a server advertising STARTTLS capability? I am using centos 4.6 my toaster package is: [r...@server2 send]# rpm -qa | grep toaster libdomainkeys-toaster-0.68-1.3.3 courier-authlib-toaster-0.59.2-1.3.6 ezmlm-toaster-0.53.324-1.3.3 maildrop-toaster-2.0.3-1.3.5 squirrelmail-toaster-1.4.9a-1.3.6 simscan-toaster-1.3.1-1.3.6 daemontools-toaster-0.76-1.3.3 vpopmail-toaster-5.4.17-1.3.4 libsrs2-toaster-1.0.18-1.3.3 qmail-pop3d-toaster-1.03-1.3.15 courier-imap-toaster-4.1.2-1.3.7 control-panel-toaster-0.5-1.3.4 ezmlm-cgi-toaster-0.53.324-1.3.3 qmailmrtg-toaster-4.2-1.3.3 maildrop-toaster-devel-2.0.3-1.3.5 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailtoaster-plus.repo-0.1-1 spamassassin-toaster-3.2.5-1.3.17 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 isoqlog-toaster-2.1-1.3.4 qmailtoaster-plus-0.3.1-1.4.11 clamav-toaster-0.95.2-1.3.29 my openssl version is [r...@server2 send]# rpm -qa | grep openssl openssl-0.9.7a-43.17.el4_6.1 xmlsec1-openssl-1.2.6-3 openssl096b-0.9.6b-22.46 openssl-devel-0.9.7a-43.17.el4_6.1 does anyone can execute the below command on his box? below output is the result on my end. openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug CONNECTED(0003) read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37)) - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e 220 239152- app3. 0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63 239152- app3.dotc 0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20 omindonesia.com 0030 - 45 53 4d 54 50 0d 0a ESMTP.. write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA)) - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13)) - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c 220 ready for tl 0010 - 73 0d 0a s.. write to 09D43330 [09D43378] (142 bytes = 142 (0x8E)) - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ..c... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.f. 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .c.. 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...@ 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`... 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56 ...V 0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96 .?..n.88C.y. 0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{ read from 09D43330 [09D488D8] (7 bytes = 7 (0x7)) - 15 03 01 00 02 02 28 ..( 9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470: thanks before for the responde I get the same failure with CentOS5.3, all up to date packages. So upgrading isn't going to fix this. I don't believe this is a problem on your end, and I don't know of a workaround either. You could try dyndns.org's outbound mailhop service ($15/yr). You would route mail for that domain
Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver
That's $15/YR (for the record). That allows 150 emails per day. Pretty affordable, but then again, why spend it if you don't have to? Michael Colvin wrote: If you won't want to pay $15, don't want to contact the other server's admin, or you can't just get that domain's hosting yourself, you might consider setting up another qmail server w/o tls, possibly on a virtual machine or something, and use smtproutes on your main server, to send to that new qmail server, that will then forward it to the current hosts server, without tls. Basically, build your own proxy server for this one domain...Seems like a waste of time, but it's better than $15 a month for someone elses proxy server. :-) I like the idea of just getting them to host with you instead, and point out why they should. As Eric said, it doesn't look like their current host knows what's up. Mike -Original Message- From: news [mailto:n...@ger.gmane.org] On Behalf Of Eric Shubert Sent: Friday, August 28, 2009 10:13 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] TLS_connect_failed: Plesk mailserver PakOgah wrote: My user complain cant sent email to domain pegasusinsurindo.com when I check on send log this is error 08-28 19:09:05 delivery 243: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:ssl v3_alert_handshake_failure;_connected_to_72.4.126.254./ already search on archive and google and only got this similar. http://www.thegillis.net/2007/04/07/mail-toaster-qmail-and-openssl-098e- workaround-and-fix/ but I am not using openssl 0.9.8e and from http://forum.parallels.com/printthread.php?t=52543 which I quote Does anybody know of a way to prevent Qmail from attempting a STARTTLS when sending to a server advertising STARTTLS capability? I am using centos 4.6 my toaster package is: [r...@server2 send]# rpm -qa | grep toaster libdomainkeys-toaster-0.68-1.3.3 courier-authlib-toaster-0.59.2-1.3.6 ezmlm-toaster-0.53.324-1.3.3 maildrop-toaster-2.0.3-1.3.5 squirrelmail-toaster-1.4.9a-1.3.6 simscan-toaster-1.3.1-1.3.6 daemontools-toaster-0.76-1.3.3 vpopmail-toaster-5.4.17-1.3.4 libsrs2-toaster-1.0.18-1.3.3 qmail-pop3d-toaster-1.03-1.3.15 courier-imap-toaster-4.1.2-1.3.7 control-panel-toaster-0.5-1.3.4 ezmlm-cgi-toaster-0.53.324-1.3.3 qmailmrtg-toaster-4.2-1.3.3 maildrop-toaster-devel-2.0.3-1.3.5 vqadmin-toaster-2.3.4-1.3.3 ripmime-toaster-1.4.0.6-1.3.3 qmailtoaster-plus.repo-0.1-1 spamassassin-toaster-3.2.5-1.3.17 ucspi-tcp-toaster-0.88-1.3.5 qmail-toaster-1.03-1.3.15 autorespond-toaster-2.0.4-1.3.3 qmailadmin-toaster-1.2.11-1.3.4 isoqlog-toaster-2.1-1.3.4 qmailtoaster-plus-0.3.1-1.4.11 clamav-toaster-0.95.2-1.3.29 my openssl version is [r...@server2 send]# rpm -qa | grep openssl openssl-0.9.7a-43.17.el4_6.1 xmlsec1-openssl-1.2.6-3 openssl096b-0.9.6b-22.46 openssl-devel-0.9.7a-43.17.el4_6.1 does anyone can execute the below command on his box? below output is the result on my end. openssl s_client -starttls smtp -crlf -connect mail.pegasusinsurindo.com:25 -debug CONNECTED(0003) read from 09D43330 [09D3E130] (8192 bytes = 55 (0x37)) - 32 32 30 20 32 33 39 31-35 32 2d 61 70 70 33 2e 220 239152- app3. 0010 - 32 33 39 31 35 32 2d 61-70 70 33 2e 64 6f 74 63 239152- app3.dotc 0020 - 6f 6d 69 6e 64 6f 6e 65-73 69 61 2e 63 6f 6d 20 omindonesia.com 0030 - 45 53 4d 54 50 0d 0a ESMTP.. write to 09D43330 [BFF73BD0] (10 bytes = 10 (0xA)) - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. read from 09D43330 [09D3C128] (8192 bytes = 19 (0x13)) - 32 32 30 20 72 65 61 64-79 20 66 6f 72 20 74 6c 220 ready for tl 0010 - 73 0d 0a s.. write to 09D43330 [09D43378] (142 bytes = 142 (0x8E)) - 80 8c 01 03 01 00 63 00-00 00 20 00 00 39 00 00 ..c... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 66 00 ..3..2../.f. 0030 - 00 05 00 00 04 01 00 80-08 00 80 00 00 63 00 00 .c.. 0040 - 62 00 00 61 00 00 15 00-00 12 00 00 09 06 00 40 b..a...@ 0050 - 00 00 65 00 00 64 00 00-60 00 00 14 00 00 11 00 ..e..d..`... 0060 - 00 08 00 00 06 04 00 80-00 00 03 02 00 80 ab 56 ...V 0070 - b4 3f 80 e1 6e d6 38 38-43 99 98 8c ad 1b 79 96 .?..n.88C.y. 0080 - 16 c9 c5 80 d1 fe fc 46-7a 7b 15 fd e1 15 ...Fz{ read from 09D43330 [09D488D8] (7 bytes = 7 (0x7)) - 15 03 01 00 02 02 28 ..( 9078:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470: thanks before for the responde I get the same failure with CentOS5.3, all up to date packages. So upgrading isn't going to fix this. I don't believe this is a problem on your end, and I don't know of a workaround either. You could try dyndns.org's outbound mailhop service ($15/yr). You would route mail for that domain via
Re: [qmailtoaster] TLS_connect_failed;
Hi Eric, I had this problem too. How do I create a TLS's certificate? It's same to SSL's certificate? Regards, Kevin Qiu SA Beijing Foxit Software Company Gabriel Lai 写道: Eric, I only have this problem when qmail server wants to deliver the email to the remote server which hosted in Hong Kong. Other remote mail servers accept the emails from Qmail Server without any issue Is it because of certificate issue? Gab */Eric Shubert [EMAIL PROTECTED]/* wrote: Gabriel Lai wrote: Hi all, I have the below error message in my send/current log file Please help @4000483bb8e035476974 status: local 0/10 remote 10/60 @4000483bb8e31f8a2a54 delivery 13: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31f8a41c4 status: local 0/10 remote 9/60 @4000483bb8e31fa49bdc delivery 14: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31fa4af64 status: local 0/10 remote 8/60 @4000483bb8e332381634 delivery 16: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332382da4 status: local 0/10 remote 7/60 @4000483bb8e33252399c delivery 15: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33252510c status: local 0/10 remote 6/60 @4000483bb8e3329fec3c delivery 12: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332a003ac status: local 0/10 remote 5/60 @4000483bb8e332bc942c delivery 11: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332bcab9c status: local 0/10 remote 4/60 @4000483bb8e332d728dc delivery 17: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332d7404c status: local 0/10 remote 3/60 @4000483bb8ebc6ac delivery 18: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8ebde1c status: local 0/10 remote 2/60 @4000483bb8e3375f7bd4 delivery 19: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e3375f9344 status: local 0/10 remote 1/60 @4000483bb8e33775de4c delivery 20: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33775f5bc status: local 0/10 remote 0/60 http://wiki.qmailtoaster.com/index.php/Certificate -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] TLS_connect_failed;
My crystal ball tells me that your problem is probably not with your toaster. ;) The toaster will use, or attempt to use, TLS when it's available. If it successfully sends to all but one server, the problem is likely with that server, not the toaster. Problems could be: .) misconfigured/inappropriate certificate on the Hong Kong server .) encrypted communications prohibited by Hong Kong's ISP (??) The best way to see what's going on is to configure recordio to run on the send daemon, then run a test. You can find examples of using recordio in the list archives (or maybe on the wiki if someone's added this recently). Gabriel Lai wrote: Eric, I only have this problem when qmail server wants to deliver the email to the remote server which hosted in Hong Kong. Other remote mail servers accept the emails from Qmail Server without any issue Is it because of certificate issue? Gab */Eric Shubert [EMAIL PROTECTED]/* wrote: Gabriel Lai wrote: Hi all, I have the below error message in my send/current log file Please help @4000483bb8e035476974 status: local 0/10 remote 10/60 @4000483bb8e31f8a2a54 delivery 13: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31f8a41c4 status: local 0/10 remote 9/60 @4000483bb8e31fa49bdc delivery 14: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31fa4af64 status: local 0/10 remote 8/60 @4000483bb8e332381634 delivery 16: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332382da4 status: local 0/10 remote 7/60 @4000483bb8e33252399c delivery 15: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33252510c status: local 0/10 remote 6/60 @4000483bb8e3329fec3c delivery 12: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332a003ac status: local 0/10 remote 5/60 @4000483bb8e332bc942c delivery 11: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332bcab9c status: local 0/10 remote 4/60 @4000483bb8e332d728dc delivery 17: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332d7404c status: local 0/10 remote 3/60 @4000483bb8ebc6ac delivery 18: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8ebde1c status: local 0/10 remote 2/60 @4000483bb8e3375f7bd4 delivery 19: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e3375f9344 status: local 0/10 remote 1/60 @4000483bb8e33775de4c delivery 20: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33775f5bc status: local 0/10 remote 0/60 http://wiki.qmailtoaster.com/index.php/Certificate -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] TLS_connect_failed;
You can test it that way : openssl s_client -starttls smtp -crlf -connect -debug remote.server.ip:25 Then you will find out if that HK server is playing up on you Like Eric said, it is probably not your toaster -P Eric Shubert wrote: My crystal ball tells me that your problem is probably not with your toaster. ;) The toaster will use, or attempt to use, TLS when it's available. If it successfully sends to all but one server, the problem is likely with that server, not the toaster. Problems could be: .) misconfigured/inappropriate certificate on the Hong Kong server .) encrypted communications prohibited by Hong Kong's ISP (??) The best way to see what's going on is to configure recordio to run on the send daemon, then run a test. You can find examples of using recordio in the list archives (or maybe on the wiki if someone's added this recently). Gabriel Lai wrote: Eric, I only have this problem when qmail server wants to deliver the email to the remote server which hosted in Hong Kong. Other remote mail servers accept the emails from Qmail Server without any issue Is it because of certificate issue? Gab */Eric Shubert [EMAIL PROTECTED]/* wrote: Gabriel Lai wrote: Hi all, I have the below error message in my send/current log file Please help @4000483bb8e035476974 status: local 0/10 remote 10/60 @4000483bb8e31f8a2a54 delivery 13: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31f8a41c4 status: local 0/10 remote 9/60 @4000483bb8e31fa49bdc delivery 14: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31fa4af64 status: local 0/10 remote 8/60 @4000483bb8e332381634 delivery 16: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332382da4 status: local 0/10 remote 7/60 @4000483bb8e33252399c delivery 15: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33252510c status: local 0/10 remote 6/60 @4000483bb8e3329fec3c delivery 12: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332a003ac status: local 0/10 remote 5/60 @4000483bb8e332bc942c delivery 11: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332bcab9c status: local 0/10 remote 4/60 @4000483bb8e332d728dc delivery 17: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332d7404c status: local 0/10 remote 3/60 @4000483bb8ebc6ac delivery 18: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8ebde1c status: local 0/10 remote 2/60 @4000483bb8e3375f7bd4 delivery 19: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e3375f9344 status: local 0/10 remote 1/60 @4000483bb8e33775de4c delivery 20: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33775f5bc status: local 0/10 remote 0/60 http://wiki.qmailtoaster.com/index.php/Certificate -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] TLS_connect_failed;
Certificates for TLS and SSL are one in the same. The only difference between TLS and SSL is that SSL is done for the entire connection and hence requires a separate port, while TLS is done on the fly (it can 'shift' from unencrypted to encrypted) so it doesn't need a separate port. I really don't know, but I wonder if some ISPs in China are blocking encrypted connections. That would certainly be possible. Use recordio test and see what's really going on. Kevin Qiu wrote: Hi Eric, I had this problem too. How do I create a TLS's certificate? It's same to SSL's certificate? Regards, Kevin Qiu SA Beijing Foxit Software Company Gabriel Lai 写道: Eric, I only have this problem when qmail server wants to deliver the email to the remote server which hosted in Hong Kong. Other remote mail servers accept the emails from Qmail Server without any issue Is it because of certificate issue? Gab */Eric Shubert [EMAIL PROTECTED]/* wrote: Gabriel Lai wrote: Hi all, I have the below error message in my send/current log file Please help @4000483bb8e035476974 status: local 0/10 remote 10/60 @4000483bb8e31f8a2a54 delivery 13: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31f8a41c4 status: local 0/10 remote 9/60 @4000483bb8e31fa49bdc delivery 14: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31fa4af64 status: local 0/10 remote 8/60 @4000483bb8e332381634 delivery 16: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332382da4 status: local 0/10 remote 7/60 @4000483bb8e33252399c delivery 15: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33252510c status: local 0/10 remote 6/60 @4000483bb8e3329fec3c delivery 12: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332a003ac status: local 0/10 remote 5/60 @4000483bb8e332bc942c delivery 11: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332bcab9c status: local 0/10 remote 4/60 @4000483bb8e332d728dc delivery 17: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332d7404c status: local 0/10 remote 3/60 @4000483bb8ebc6ac delivery 18: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8ebde1c status: local 0/10 remote 2/60 @4000483bb8e3375f7bd4 delivery 19: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e3375f9344 status: local 0/10 remote 1/60 @4000483bb8e33775de4c delivery 20: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33775f5bc status: local 0/10 remote 0/60 http://wiki.qmailtoaster.com/index.php/Certificate -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] TLS_connect_failed;
Eric, I only have this problem when qmail server wants to deliver the email to the remote server which hosted in Hong Kong. Other remote mail servers accept the emails from Qmail Server without any issue Is it because of certificate issue? Gab Eric Shubert [EMAIL PROTECTED] wrote: Gabriel Lai wrote: Hi all, I have the below error message in my send/current log file Please help @4000483bb8e035476974 status: local 0/10 remote 10/60 @4000483bb8e31f8a2a54 delivery 13: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31f8a41c4 status: local 0/10 remote 9/60 @4000483bb8e31fa49bdc delivery 14: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e31fa4af64 status: local 0/10 remote 8/60 @4000483bb8e332381634 delivery 16: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332382da4 status: local 0/10 remote 7/60 @4000483bb8e33252399c delivery 15: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33252510c status: local 0/10 remote 6/60 @4000483bb8e3329fec3c delivery 12: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332a003ac status: local 0/10 remote 5/60 @4000483bb8e332bc942c delivery 11: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332bcab9c status: local 0/10 remote 4/60 @4000483bb8e332d728dc delivery 17: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e332d7404c status: local 0/10 remote 3/60 @4000483bb8ebc6ac delivery 18: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8ebde1c status: local 0/10 remote 2/60 @4000483bb8e3375f7bd4 delivery 19: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e3375f9344 status: local 0/10 remote 1/60 @4000483bb8e33775de4c delivery 20: deferral: TLS_connect_failed;_connected_to_202.134.100.3./ @4000483bb8e33775f5bc status: local 0/10 remote 0/60 http://wiki.qmailtoaster.com/index.php/Certificate -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]