Heiko Schlittermann wrote:
> Hello,
>
> keeping you up-to-date ...
>
> on the client side I'm now using openssl s_client, on the server side
> I tested:
>
> openssl s_server -accept 587 \
> -CAfile /etc/ssl/certs/ca-certificates.crt
> -cert /etc/ssl/certs/ssl.schlittermann.de.crt \
> -key /etc/ssl/private/ssl.schlittermann.de.key
>
> Connections gets established. Using gnutls-serv on the server side:
>
> gnutls-serv --debug 4 -p 587 \
> --x509cafile /etc/ssl/certs/ca-certificates.crt \
> --x509certfile /etc/ssl/certs/ssl.schlittermann.de.crt \
> --x509keyfile /etc/ssl/private/ssl.schlittermann.de.key
>
> it doesn't work.
>
> I'm not sure if this is still exim related. Please tell me, if you
> experienced problems using GNUTLS...
>
>
Heiko,
GNUTLS has had its share of problem reports, but ISTR most had to do with
inadequate entropy, and have long-since been corrected. Check archives.
Or just use OpenSSL.
And if you'll also drop the spurious 'ssl.' prefix from your HELO et al, you'll
even get past acl's that have reliably found nearly every such source *except*
yours to be .....would you believe ... zombots or spam-engines.
;-)
Bill