Great, thanks for sharing! One question:
Eric had produced an RPM for qmail 1.03-1.3.23.i386 with the CNAME lookups removed. Yours is 1.03-1.3.22 and with CNAME lookups enabled I assume. How would one migrate the changes you did to Eric's version, as I would like to have both: newer TLS support + CNAME lookups removed? Best, Peter On Fri, Jun 29, 2018 at 10:34 AM, Eric Broch <[email protected]> wrote: > Thanks, Brian!!! > > > On 6/29/2018 1:32 AM, Brian Ghidinelli wrote: > > Good news - I seemed to have solved this. It's a combo of these old notes > from 2011 and an upgraded openssl: > > http://www.ghidinelli.com/2011/10/20/october-qmail-follow-up > > I'm attaching my modified qmail-toaster.spec from 1.3.21. I installed > openssl-1.0.2o from source on CentOS 5 and linked: > > /usr/include/openssl -> /usr/local/ssl/include/openssl/ > > Then I rebuilt the RPM: > > rpmbuild -bb --target i686 --with cnt50 > /usr/src/redhat/SPECS/qmail-toaster.spec > > This generated the RPM. I extracted the files: > > rpm2cpio qmail-toaster-1.03-1.3.22.i686.rpm | cpio -idmv > > I backed up my existing qmail-smtpd and qmail-remote.orig, and copied > the new binaries over (from /usr/src/redhat/RPMS/i686/var/qmail/bin > where cpio extracted them to) > > And then tested with checktls.com and everything shows TLS 1.2 now. *whew* > > This buys us a little time to complete a migration. Hope this helps someone > else! > > > Brian > > > On 6/27/18 09:09, Eric Broch wrote: > > Have a look at this thread: > > https://www.mail-archive.com/[email protected]/msg41029.html > > IMHO, there were to many packages that were dependent on openssl-9.8 on the > CentOS 5 box to make this practical. > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > -- > Eric Broch > White Horse Technical Consulting (WHTC) --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
