[ctw] Re: Timeouts after enabling TLS

  • From: Nicholas Orr <nick@xxxxxxxxxxx>
  • To: ctw@xxxxxxxxxxxxx
  • Date: Wed, 1 Apr 2009 22:13:53 +1100

On 01/04/2009, at 10:06 PM, Cory Rau wrote:

On Mar 31, 2009, at 2:15 PM, Tom Shaw wrote:

At 7:06 PM -0400 3/30/09, Cory Rau wrote:
Since I enabled TLS and confirmed that it seemed to be working nicely, I've noted that there are a large number of "connection timed out after 180 seconds" type errors in the ASSP logs. I'm using the self-signed certs included with ASSP. Could this be the problem? My intention was to get a legit cert from godaddy or somewhere. I first noticed this because one of our subsidiaries using Exchange and a godaddy cert was having intermittent difficulty sending to the parent company. As I looked deeper, it looks as though we've been timing out to a number of servers that I know are legit.


Cory

This can only happen if the peer strictly checks your certs. Some do; some don't. Try a self-signed one for your host or purchase one.

Tom


Well, seems I may have FUBARed the SSL setup. I installed a self-signed cert and I get this in the logs:

Apr-1-09 06:59:31 10.100.0.11 <> client on port 25 issued STARTTLS - converting to SSL

...but nothing in the headers of the e-mail indicates that TLS was used. This is a departure from when I was getting those timeouts. Switching back to the ASSP-supplied certs yields the same result.

In the interim, I'd installed IO::Socket::SSL 1.24 but I'm not sure if that's related or not. Hmmm...back to the drawing board, I suppose. Unfortunately, I don't know where to look as I don't see any errors in the transaction.

I've had issues with SSL as well, but I'm not sure it's just SSL related. Initially I had issues when trying to send (relay) via this server using SSL. It would get to sending mail 100% then time out. If I disabled SSL in the mail client and tried again, it would still fail the first time, but work the second time.

But I was also getting timeouts with incoming (local) mail from other servers. I can't tell if it's the same timeout issue or not, so in the end I've had to give up on ASSP for now. I had the same issues with 2 different hosts with completely different mail server setups (neither of them EIMS though), so I'm guessing it's something in the config, but I'm not sure what...

Tom, would you have time to have a look through the config file and see if you can see anything odd?

Thanks,
Nick