Hello, Friday, August 20, 2004, 2:02:16 PM, Mark Powell wrote: > I take it that ./qpsmtpd is just a left over from the previous run setup?
you are absolutely right, it's the ol' copy/paste bug. > Or does that do something? it just sits there ;) > Yeah, that is a problem I didn't want to tackle. Even though running extra > qpsmtpd instances just for the other ports seemed to be overkill, it seems > the easiest way. If I understand correctly, whe using PPerl on SSL connections it simply uses the child processes created for the non-ssl clients. At least seems so for me. The stunnel is just only a wrapper (kind of) but uses say "normal" qpsmtpd processes. Interesting a little ;) > I haven't seen that error although we have only had a handful of these > connections so far. It appears after every connection. (Update: uh, oh, got it now - it's MUA, it's probably borken somwehow. I've tried another MUA and there's no error) > Maybe something to do with the stunnel build, here's > mine: and this is what I got (it's from .deb package, I'll try to build it myself - update: it doesn't help - see above) # stunnel -version stunnel 4.05 on i386-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7d 17 Mar 2004 Global options cert = /etc/stunnel/stunnel.pem ciphers = ALL:!ADH:+RC4:@STRENGTH debug = 5 key = /etc/stunnel/stunnel.pem pid = /var/run/stunnel4/stunnel.pid RNDbytes = 64 RNDfile = /dev/urandom RNDoverwrite = yes session = 300 seconds verify = none Service-level options TIMEOUTbusy = 300 seconds TIMEOUTclose = 60 seconds TIMEOUTidle = 43200 seconds > We have a need for both smtp over ssl and smtp with tls to support > different clients. I decided to run these on ports 465 and 587 > respectively. I made a quick mod so that my authldap plugin is only used > on these encrypted ports and not at all on port 25. they are the same as mine, basically. although I don't se the difference between the starttls and smtp-ssl services (except they run on different ports ;) but it could be just my eyes. Anyway, thanks for sharing the info. -- spaze -- exploited.cz -- tojeono.cz - forget everything and remember! -
