Re: [exim] Problems with yahoo

Góra strony
Delete this message
Reply to this message
Autor: Lena
Data:  
Dla: exim-users
Temat: Re: [exim] Problems with yahoo
> From: Odhiambo Washington

> Of late I am having difficulties delivering mail to users on Yahoo who are
> subscribed to a mailing list that I run for the community.
> The following error fills my log:
>
> 2015-12-08 18:58:29 Start queue run: pid=7681
> 2015-12-08 18:58:31 1a4rOm-000Cmj-TP [188.125.69.79] SSL verify error:
> depth=2 error=unable to get local issuer certificate cert=/
> C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc.
> - For authorized use only/CN=VeriSign Class 3 Public Pr
> imary Certification Authority - G5


> root@gw:/var/spool/exim/db # exim -bV


> OpenSSL Content_Scanning DKIM Old_Demime DNSSEC PRDR OCSP


> From: Graeme Fowler


> That shouldn't be causing you delivery problems, that's just Exim
> logging certificate validation errors


For less such warnings logged, openssl should be given root certificate file.
In case of FreeBSD install the ca_root_nss port
(it installs /usr/local/openssl/cert.pem ) and restart Exim.
In FreeBSD if Exim uses openssl from base (not from ports) then
in `make config` make sure the option is checked:
"add symlink to /etc/ssl/cert.pem".

Unrelated to this error (or rather warning) message:
for better delivery to yahoo I use:

begin routers
remote_domains_throttled:
  driver = dnslookup
  domains = \N^yahoo\.\N : rocketmail.com : ymail.com : y7mail.com : \
        btinternet.com : btopenworld.com : att.net : sbcglobal.net : rogers.com
  retry_use_local_part
  transport = throttled_smtp
...
begin transports
throttled_smtp:
  driver = smtp
  serialize_hosts = *
  connection_max_messages = 5
  max_rcpt = 9
  retry_use_local_part


Also, set up SPF (with ?all at the end), DMARC with p=none,
sign all messages with DKIM (using any domain).