Re: [exim] TLS errors on SMTP (non-AUTH) connections

Top Page
Delete this message
Reply to this message
Author: Vincent Danen
Date:  
To: exim-users
Subject: Re: [exim] TLS errors on SMTP (non-AUTH) connections
* Graeme Fowler <graeme@???> [2007-01-31 19:03:14 +0000]:

> > I'm a little bit stumped on this one:
> >
> > 2007-01-28 10:19:23 1HBDbg-00013F-1T TLS error on connection to hostgator.com [67.18.54.2]: SSL_connect timed out
> > 2007-01-28 10:19:23 1HBDbg-00013F-1T TLS session failure: delivering unencrypted to hostgator.com [67.18.54.2] (not in hosts_require_tls)
> > ...
> > 2007-01-28 10:24:25 1HBDbg-00013F-1T == sales@??? R=dnslookup T=remote_smtp defer (110): Connection timed out: SMTP timeout while connected to hostgator.com [67.18.54.2] after MAIL FROM:<vdanen@???> SIZE=4721
> >
> > Why would I be getting an error like that? Is the remote host requiring
> > SSL or a STARTTLS connection in order to deliver mail (this is something
> > I wrote, sent to my server to relay, and now it's sitting in my queue
> > with multiple errors like the above).
>
>
> http://www.exim.org/exim-html-4.66/doc/html/spec_html/ch39.html#id2704587
>
> "It is not necessary to set any options to have TLS work in the smtp
> transport. If Exim is built with TLS support, and TLS is advertised by a
> server, the smtp transport always tries to start a TLS session. However,
> this can be prevented by setting hosts_avoid_tls (an option of the
> transport) to a list of server hosts for which TLS should not be used."
>
> # turn off TLS on SMTP sending
> hosts_avoid_tls = *
>
> # turn off TLS on SMTP sending for hostgator.com
> hosts_avoid_tls = 67.18.54.2
>
> The usual hostlist rules apply.


Thanks, Graeme. Something else funky is going on there because the
remote SMTP server is still timing out:

2007-01-31 13:40:02 1HBDbg-00013F-1T == sales@??? R=dnslookup T=remote_smtp defer (0): SMTP error from remote mail server after MAIL FROM:<vdanen@???> SIZE=4721: host hostgator.com [67.18.54.2]: 421 gator.hostgator.com: SMTP command timeout - closing connection

Not really sure why unless it's doing a sender verify and is timing out
because the telnet to it worked fine.

I'll have to do some reading to see why this is happening. But at least
I'm not getting those TLS errors which is good.

--
{FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4}
mysql> SELECT * FROM users WHERE clue > 0;
Empty set (0.00sec)