Re: [exim] attempting to change smarthost

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Heiko Schlittermann
Date:  
À: exim-users
CC: dpalom
Sujet: Re: [exim] attempting to change smarthost
Phil Pennock <exim-users@???> (Di 11 Mär 2008 00:02:35 CET):
> On 2008-03-10 at 14:56 -0700, dpalom@??? wrote:
> > With exim4 pointed at the new smarthost, I see the EHLO from my machine, and
> > code 250 (OK) response from the smarthost. However, right after that my
> > machine sends a "STARTTLS" command to the smarthost, the smarthost sends
> > back a code 220 (Ready to start TLS), at which point it just sits there with
> > no further progress. I assume it times out eventually.
>
> Known problem with Exim/GnuTLS on Debian with entropy exhaustion; see
> /usr/share/doc/exim4/README.Debian.gz -- using hosts_avoid_tls = * on
> the remote_smtp transport, as Renaud suggested, works around this.


Other work-around is the rng-tools package. It feeds the random
generator if the entropy gets low. (Source for feeding is a hardware
random generator or /dev/urandom).

Depending on your security concerns it might be a better choice than
disabling TLS for some or all hosts.

--
Heiko