Monday my exim4 server began reporting errors trying to deliver email to a number of sites, as follows:
2012-03-07 09:04:42 1S5JM2-0001iQ-Rz <= jos...@pfeifferfamily.net U=pfeiffer P=local S=398 2012-03-07 09:04:44 1S5JM2-0001iQ-Rz TLS error on connection to creepinglunacy.com [199.85.212.11] (recv): A TLS packet with unexpected length was received. 2012-03-07 09:04:44 1S5JM2-0001iQ-Rz TLS error on connection to creepinglunacy.com [199.85.212.11] (send): The specified session has been invalidated for some reason. 2012-03-07 09:04:44 1S5JM2-0001iQ-Rz ** m...@creepinglunacy.com R=dnslookup T=remote_smtp: SMTP error from remote mail server after MAIL FROM:<jos...@pfeifferfamily.net> SIZE=1432: host creepinglunacy.com [199.85.212.11]: 550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1) 2012-03-07 09:04:45 1S5JM5-0001iV-0U <= <> R=1S5JM2-0001iQ-Rz U=Debian-exim P=local S=1392 2012-03-07 09:04:45 1S5JM2-0001iQ-Rz Completed 2012-03-07 09:05:37 1S5JM5-0001iV-0U => pfeiffer <jos...@pfeifferfamily.net> R=procmail T=procmail_pipe 2012-03-07 09:05:37 1S5JM5-0001iV-0U Completed I don't believe this is happening with every TLS-enabled server I try to send email to, since I also have entries like: 2012-03-07 08:00:04 1S5ILU-0000Xu-3Q <= board-boun...@lcctnm.org H=localhost (babs.wb.pfeifferfamily.net) [127.0.0.1] P=esmtp S=1355 id=mailman.0.1331132402.2099.bo...@lcctnm.org 2012-03-07 08:00:06 1S5ILU-0000Xu-3Q => board-ow...@lcctnm.org R=dnslookup T=remote_smtp H=mx.lcctnm.org [66.96.142.50] X=TLS1.0:RSA_AES_256_CBC_SHA1:32 DN="C=US,O=RTFM\, Inc.,OU=Widgets Division,CN=localhost" 2012-03-07 08:00:06 1S5ILU-0000Xu-3Q Completed (I'm assuming the X=TLS etc in the second line of this example means TLS is being used on this connection) Other people are successfully sending email to several of the sites giving me trouble. I've tried: Updating the various exim4 and libgnutils related packages to the newest versions in the testing repository (of course) Backing off to the oldest exim4 and libgnutils versions I could find Backing off my ca-certificates package to the oldest one in the repositories (which seems to date to 2009), since I found a couple of old bugs related to too many entries in ca-certificates. Installing rng-utils using /dev/urandom as an entropy source, since I came across one thread suggesting insufficient entropy could be the cause (when it didn't make any difference, I took it out again). Switching from exim4-daemon-light (which I'd been using before) to exim4-daemon-heavy. None of this seems to have made the slightest difference. Does anybody have any other suggestions for something to try? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1bfwdk5q90....@pfeifferfamily.net
