Re: [exim] Delay on exim send increases with uptime

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Viktor Dukhovni
Date:  
À: exim-users
Sujet: Re: [exim] Delay on exim send increases with uptime
On Sun, Feb 02, 2020 at 08:50:03PM -0800, Ian Zimmerman via Exim-users wrote:

> On 2020-02-02 23:00, Viktor Dukhovni wrote:
>
> > And is the OpenSSL library that "/usr/bin/openssl" is linked with, the
> > same one as the one for Exim?
>
> I am quite sure it is, because I build exim myself. I cannot be 100%
> sure for debian packaged exim, but such a blunder would be completely
> out of character.


The idea is not to be "sure", but to actually check with "ldd".

> > Is the /etc/ssl/certs/ directory "hashed" (lots of funny
> > <hexdigits>.<smalldecimal> symlinks)?
>
> Yes.


Well, in that case perhaps Exim is not loading the default CA locations,
or there's some sort of file access control (SELinux? AppArmor? ...)
that's preventing Exim from reading the directory.

You'll have "strace" Exim and see what it is doing when it fails
to verify the peer chain.

Did you share the destination domain name at any point? Perhaps
its certificate chain really does have some sort of issue.

-- 
    Viktor.