Am 13.07.23 um 10:55 schrieb Jeremy Harris via Exim-users:
> On 13/07/2023 09:21, Cyborg via Exim-users wrote:
>> O== What happened?
>
> As you removed all the surrounding context, hard to tell.
it's production system, so i can't give you everything we logged there.
I can filter out some processes from a strace we did.. but you won't see
much more it it.
> Apart from there being a bad certificate.
>
Which is not the case: double checked.
> Is it once per recieved connection attempt, for more than one
> source? Check your server certificate.
Yes, i have several processes in the strace identified, which all come
from the same system,
in the same manner, ending at the same position with the same syscalls
done etc..
I'm sure, the flaw was not on our side. You all know how it is with
customer IT, we will never get a post mortem, if they caused the issue
themselfs ;)
>
> Is it associated with connections from one specific source?
>
It was just that one M$ system causing all the entries, besides some old
messages from Mailgunservers.
After blocking that server > 1.000 of different ssl connections have
been handeled flawless, just 2 from mailgun have failed in the same way.
Exim is not the root cause.
> Is it on outbound (transport) connections? Check the server certtificate
> the transport specifies.
Inbound only.
best regards,
Marius
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
