Re: [exim] SSL/TLS connections not possible (Urgent)

Top Page
Delete this message
Reply to this message
Author: Ian Eiloart
Date:  
To: Yves Goergen, List, exim
Subject: Re: [exim] SSL/TLS connections not possible (Urgent)


--On 17 May 2006 12:42:26 +0200 Yves Goergen <nospam.list@???>
wrote:

> Hello,
>
> I've set up our new web server and just replaced the old one with it.
> Everything's working fine, except that Exim doesn't accept SSL or TLS
> connections. With SSL connections on port 465, Thunderbird says
> immediately that it could not connect.


Does Exim log anything when you try to connect to port 465? I suspect Exim
isn't listening on 465 at all.

It could be that Thunderbird is connecting with SSL on port 25, which would
fail.

> With TLS on port 25, it takes
> forever for the same message. Without TLS/SSL, the mails can be sent
> just fine. Exim is running as "mail" and listening on both ports 25 and
> 465. It has read access to the server's SSL certificate (the same as on
> the old server, where it still worked).
>
> Here's what Exim puts in its mainlog:
>
> 2006-05-17 12:34:28 TLS error on connection from
> p54942341.dip0.t-ipconnect.de ([192.168.0.2]) [84.148.35.65]
> (SSL_accept): Not Implemented
>
> I have compiled Exim 4.6.2 with TLS support, gave it a hint where to
> look for the libs and everything went fine, no error.
>
> Here's what exim -bV says:
>
> Exim version 4.62 #2 built 17-May-2006 12:34:06
> Copyright (c) University of Cambridge 2006
> Berkeley DB: Sleepycat Software: Berkeley DB 3.2.9: (February 1, 2005)
> Support for: crypteq iconv() OpenSSL Content_Scanning Old_Demime
> Lookups: lsearch wildlsearch nwildlsearch iplsearch dbm dbmnz mysql
> Authenticators: cram_md5 plaintext
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir autoreply pipe smtp
> Fixed never_users: 0
> Size of off_t: 8
> Configuration file is /usr/exim/configure
>
> Has anybody got an idea what's wrong here?
>
> (Running Debian Linux 3.1)
>
> --
> Yves Goergen "LonelyPixel" <nospam.list@???>
> http://beta.unclassified.de – My web laboratory.




--
Ian Eiloart
IT Services, University of Sussex