The "broken pipe" and "connection reset by peer" messages mean that the remote machine disconnected without properly ending the session. It's possible you're getting these messages because your firewall is blocking SSL/TLS connections (especially if it doesn't understand the protocols), but it's more likely this is an issue with the remote clients. Unless they're causing problems, I would ignore them.
-- Sam Clippinger On 2/12/10 3:35 PM, Eric Shubert wrote: > Greg Cirino wrote: > >> | Greg Cirino wrote: >> |> Could someone explain the following error >> |> >> |> spamdyke[26182]: ERROR: unable to read from SSL/TLS stream: A protocol >> |> or >> |> library failure occurred, error:1408F10B:lib(20):func(143):reason(267) |> >> |> followed by a series of >> |> >> |> spamdyke[25977]: ERROR: unable to write to SSL/TLS stream: The >> operation >> |> failed due to an I/O error, Broken pipe >> |> >> |> and occassionally >> |> >> |> spamdyke[30525]: ERROR: unable to read from SSL/TLS stream: The |> >> operation >> |> failed due to an I/O error, Connection reset by peer >> |> >> |> spamdyke.conf file >> |> >> |> tls-certificate-file=/var/qmail/control/servercert.pem >> |> tls-level=smtp >> |> >> |> Best >> |> Greg >> | >> | Which distro/version are you running? >> | Do you have the openssl package installed? If so, which version? | Have >> you tried running spamdyke with the --config-test option to see if | it >> perhaps gives a more meaningful message? >> | >> | -- >> | -Eric 'shubes' >> | >> >> 2.6.12-1.1381_FC3smp #1 SMP >> openssl 0.9.7a >> spamdyke 4.0.10+TLS+CONFIGTEST+DEBUG >> >> it has been in production for quite some time >> was running tls originally, just never realized >> those messages, since turning it back on today. >> >> I also catch these when there is an ssl/tls error >> >> spamdyke[25231]: ERROR: unable to write to SSL/TLS stream: The operation >> failed due to an I/O error, Broken pipe >> >> spamdyke[25231]: ERROR: unable to write 37 bytes to file descriptor 1: >> Broken pipe >> >> spamdyke[25231]: TIMEOUT from: [email protected] to: >> [email protected] origin_ip: 201.24.172.122 origin_rdns: >> 201-24-172-122.cbace700.dsl.brasiltelecom.net.br auth: (unknown) reason: >> TIMEOUT >> >> I'm almost sure tls works as I sent an email via the seamonkey email >> client which uses STARTTLS and mail goes right through, with no errors >> being reported in the log. >> >> greg >> > The timeout messages are fairly common. Some spammers don't know how to > end a session gracefully when they're told to get lost. > > I'm not sure about the other errors though. I believe that the "broken > pipe" is the crux of the error. I'm not sure how or if this is related > to ssl/tls. I'm guessing that it's not ssl/tls related if that works in > some cases. > > I'm sorry I can't be of much more help than that. I would ask though, > what's causing the broken pipes? > > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
