Author: Heiko Schlittermann Date: To: exim-users CC: dpalom Subject: Re: [exim] attempting to change smarthost
Phil Pennock <exim-users@???> (Di 11 Mär 2008 00:02:35 CET): > On 2008-03-10 at 14:56 -0700, dpalom@??? wrote:
> > With exim4 pointed at the new smarthost, I see the EHLO from my machine, and
> > code 250 (OK) response from the smarthost. However, right after that my
> > machine sends a "STARTTLS" command to the smarthost, the smarthost sends
> > back a code 220 (Ready to start TLS), at which point it just sits there with
> > no further progress. I assume it times out eventually.
>
> Known problem with Exim/GnuTLS on Debian with entropy exhaustion; see
> /usr/share/doc/exim4/README.Debian.gz -- using hosts_avoid_tls = * on
> the remote_smtp transport, as Renaud suggested, works around this.
Other work-around is the rng-tools package. It feeds the random
generator if the entropy gets low. (Source for feeding is a hardware
random generator or /dev/urandom).
Depending on your security concerns it might be a better choice than
disabling TLS for some or all hosts.