How recent was that? I only built this server in the last month or so.
-Sent from my Pip-Boy 3000 > On 11 Jul 2024, at 1:50 AM, Eric Broch <ebr...@whitehorsetc.com> wrote: > > Chris, > > As of qmail-1.03-3.3.10 the dh and rsa key requirements have been removed > from qmail-smtpd and qmail-remote per openssl policies. > > Is this happening when receiving or sending mail or both? If when receiving > mail do you have spamdyke in place? > > Eric > >> On 7/9/2024 3:15 PM, Chris Knight wrote: >> >>>> On Jul 10, 2024, at 1:34 AM, Eric Broch <ebr...@whitehorsetc.com> wrote: >>> >>> What system are you on? OS, qmt, etc... >> >> System: >> NAME="Rocky Linux" >> VERSION="9.4 (Blue Onyx)" >> ID="rocky" >> ID_LIKE="rhel centos fedora" >> VERSION_ID="9.4" >> PLATFORM_ID="platform:el9" >> PRETTY_NAME="Rocky Linux 9.4 (Blue Onyx)" >> ANSI_COLOR="0;32" >> LOGO="fedora-logo-icon" >> CPE_NAME="cpe:/o:rocky:rocky:9::baseos" >> HOME_URL="https://rockylinux.org/"; >> BUG_REPORT_URL="https://bugs.rockylinux.org/"; >> SUPPORT_END="2032-05-31" >> ROCKY_SUPPORT_PRODUCT="Rocky-Linux-9" >> ROCKY_SUPPORT_PRODUCT_VERSION="9.4" >> REDHAT_SUPPORT_PRODUCT="Rocky Linux" >> REDHAT_SUPPORT_PRODUCT_VERSION=“9.4" >> >> >> qmt: qmt-release-1-8.qt.el9 >> >> >> >> >>> On 7/8/2024 11:43 PM, Chris wrote: >>>> Back in 2020 there was a thread about mail delivery deferrals with the >>>> message "dh key too small'. Well, I've got them on the toaster I just put >>>> into production. >>>> >>>> TLS_connect_failed:_error:0A00018A:SSL_routines::dh_key_too_small >>>> >>>> The advise at the time was to check the crypto policy >>>> (update-crypto-policies --show) and to set to LEGACY if that's not the >>>> case. >>>> >>>> # update-crypto-policies --show >>>> LEGACY >>>> >>>> # update-crypto-policies --is-applied >>>> The configured policy is applied >>>> >>>> # update-crypto-policies --check >>>> The configured policy matches the generated policy >>>> >>>> These tests indicate I am using legacy settings, but I am still getting >>>> these delivery issues. >>>> >>>> Any suggestions? >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > --------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
