Thanks for the response Wietse, most appreciated. Daniel Sutcliffe wrote: >> I'm having a very similar problem here on CentOS 6 - unfortunately moving or >> removing the TLS session caches and restarting postfix is not fixing my >> problem >> at all. Coincidently the openssl package was updated the day before the >> problem >> started. >> postfix 2.6.6-2.2.el6_1 >> openssl 1.0.0-20.el6_2.4
Wietse Venema <wie...@porcupine.org> wrote: > Was Postfix compiled for openssl 1.0.0? If it was built for 0.9.mumble, > then the warranty is void and all bets are off. CentOS 6 has always been OpenSSL 1.0.0 AFAIK and therefore the postfix version was certainly originally built against this. Trawling back through the logs I can see that on May 16 openssl was upgraded from 1.0.0-20.el6_2.3 to 1.0.0-20.el6_2.4 - and there had been no issues running the postfix 2.6.6-2.2.el6_1 package with that previous package build of openssl. I have now tried stopping postfix, downgrading my openssl package back to this previous version, deleting the TLS session caches, and starting postfix again and the same problem is occurring - which would infer to me that it isn't an OpenSSL package version which caused the problem - and maybe the upgrade of this package in the same time-frame as when the problem started occurring may be a bit of a red herring :( The only other change in system which would seem to be even slightly related was that the kernel was updated and a reboot occurred just before the errors started to occur. I am contemplating going back to the previous version of the kernel but would like to take advice from those more experienced and knowledgeable in postfix than myself as to if this might possibly have caused the issue, or if there are any other diagnostics I can do before this ... the server runs a live Web site so downtime for a reboot is something I want to avoid and/or timetable during a quiet period. Any pointers gratefully received, Cheers /dan -- Daniel Sutcliffe <dan...@tcnow.com>
