Re: [exim] TLS error on connection

Top Page
Delete this message
Reply to this message
Author: Viktor Dukhovni
Date:  
To: exim-users
Subject: Re: [exim] TLS error on connection
On Thu, Aug 27, 2015 at 02:49:12PM +0100, Gary Stainburn wrote:

> I've just put live a brand new shiney Centos 7 server to replace my aging
> Fedora system. One of the reasons for doing the upgrade was to try to get
> rid of the errors that prevented some sites from sending emails to us.


Are you sure this is actually preventing email delivery? Perhaps
other log entries show successful mail deliveries.

> 2015-08-27 14:06:03 TLS error on connection from
> mx-relay42-dus.antispameurope.com [94.100.134.242] (SSL_accept): timed out


If you're seeing various connection timeouts, perhaps there's a
path MTU or similar network problem.

> As the new server is significantly bigger / faster than the old one, I don't
> think performance is the cause. I have noticed that when
> I 'tail -f /var/log/exim/mainlog' it scrolls up my screen much quicker than
> the old server did so I think that performance may have been part of the
> reason originally


The timeouts are unlikely to have been caused by the performance
of your server, either before or after the upgrade.

You should capture traffic (tcpdump) from one or more of these
servers, and see if you can make sense of it with wireshark or
similar. Look for retransmissions, etc.

    # By name or address as applicable.
    #
    tcpdump -w /file/name -s 0 host example.com and port 25
    tcpdump -w /file/name -s 0 host 192.0.2.1 and port 25


Ctrl-C or "kill -INT" when enough traffic has been captured.

-- 
    Viktor.