On Wed, Mar 21, 2007 at 03:30:12AM -0700, Steve Langasek wrote:
> Do you have TLS enabled for smtpd on this server? The submitter of 415670
> does, and 2.3.8 was a new upstream version mostly for the purpose of fixing
> a bug with broken SSL ciphers, so this seems the most likely cause here --
> though this doesn't demonstrate that the regression is a bug in postfix, as
> it may simply be a misconfiguration that was previously undetected by
> postfix.
>
> FWIW, I've also just configured tls for smtpd here as a test, and I can
> connect to it without any errors.
i have same problem ... IMHO problem is with openssl version
postfix changelog:
20070225
Workaround: Disable SSL/TLS ciphers when the underlying
symmetric algorithm is not available in the OpenSSL crypto
library at the required bit strength. Problem observed with
SunOS 5.10's bundled OpenSSL 0.9.7 and AES 256. Also possible
with OpenSSL 0.9.8 and CAMELLIA 256. Root cause fixed in
upcoming OpenSSL 0.9.7m, 0.9.8e and 0.9.9 releases. Victor
^^^^^^
Duchovni, Morgan Stanley. Files: src/smtp/smtp_proto.c,
src/smtpd/smtpd.c, src/tls/tls.h, src/tls/tls_client.c,
src/tls/tls_misc.c and src/tls/tls_server.c.
testing/etch - openssl 0.9.8c-4
unstable - openssl 0.9.8e-4
so newer version of openssl is required in Etch ???
--
5o Peter.Mann at tuke.sk
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
