[exim] TLS errors on SMTP (non-AUTH) connections

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Vincent Danen
Date:  
À: exim-users
Sujet: [exim] TLS errors on SMTP (non-AUTH) connections
I'm a little bit stumped on this one:

2007-01-28 10:19:23 1HBDbg-00013F-1T TLS error on connection to hostgator.com [67.18.54.2]: SSL_connect timed out
2007-01-28 10:19:23 1HBDbg-00013F-1T TLS session failure: delivering unencrypted to hostgator.com [67.18.54.2] (not in hosts_require_tls)
...
2007-01-28 10:24:25 1HBDbg-00013F-1T == sales@??? R=dnslookup T=remote_smtp defer (110): Connection timed out: SMTP timeout while connected to hostgator.com [67.18.54.2] after MAIL FROM:<vdanen@???> SIZE=4721

Why would I be getting an error like that? Is the remote host requiring
SSL or a STARTTLS connection in order to deliver mail (this is something
I wrote, sent to my server to relay, and now it's sitting in my queue
with multiple errors like the above).

This is the second host I'm seeing this with and have no idea how to
solve this. I only use TLS for incoming SMTP-AUTH (no TLS, no AUTH),
but nowhere do I have anything defined for outbound TLS/SSL.

And yet, when I do a manual telnet from my host, it all looks normal:

[root@hades 2007]# telnet 67.18.54.2 25
Trying 67.18.54.2...
Connected to gator.hostgator.com (67.18.54.2).
Escape character is '^]'.
220-gator.hostgator.com ESMTP Exim 4.63 #1 Wed, 31 Jan 2007 12:43:53 -0600
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
HELO hades.annvix.org
250 gator.hostgator.com Hello hades.annvix.org [66.181.209.81]
MAIL FROM: <vdanen@???>
250 OK
RCPT TO: <sales@???>
250 Accepted
QUIT
221 gator.hostgator.com closing connection
Connection closed by foreign host.

>From my exim.conf:


[root@hades 2007]# grep -i tls /etc/exim/exim.conf 
tls_certificate      = /etc/exim/ssl/eximsslkey.pem
tls_privatekey       = /etc/exim/ssl/eximsslkey.pem
tls_advertise_hosts  = *
auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}
  # only show on TLS-protected connections
  server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
  server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}



The last two are from the authenticators section, the first for
plain_login, the second for cram_md5_login.

Does anyone have any idea why I'm seeing those TLS errors? I'm assuming
I've misconfigured something, but I can't tell what.

Thanks much in advance.

--
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4}
mysql> SELECT * FROM users WHERE clue > 0;
Empty set (0.00sec)