[exim] Re: excess dkim header?

2024-01-05 Thread Andrew C Aitchison via Exim-users
On Fri, 5 Jan 2024, Randy Bush via Exim-users wrote: iphone -> mail.rg.net:465 mail.rg.net -> psg.com:25+tls psg.com -> ran.opsg.com:25+tls ran.psg.com -> laptop:imap should psg.com have recognized that it was already properly DKIMmed and not added the second? Not strictly relevant for DKIM

[exim] Re: excess dkim header?

2024-01-05 Thread Bill Cole via Exim-users
On 2024-01-05 at 16:02:45 UTC-0500 (Fri, 05 Jan 2024 13:02:45 -0800) Randy Bush via Exim-users is rumored to have said: should psg.com have recognized that it was already properly DKIMmed and not added the second? Thought experiment: what would you do in response to seeing an unfamiliar doc

[exim] Re: excess dkim header?

2024-01-05 Thread Jeremy Harris via Exim-users
On 1/5/24 21:02, Randy Bush via Exim-users wrote: should psg.com have recognized that it was already properly DKIMmed and not added the second? AFAICS RFC 6376 places no restriction on a second signature, even if it is done by the same organisation. The section on verification mentions handlin

[exim] excess dkim header?

2024-01-05 Thread Randy Bush via Exim-users
iphone -> mail.rg.net:465 mail.rg.net -> psg.com:25+tls psg.com -> ran.opsg.com:25+tls ran.psg.com -> laptop:imap From: Randy Bush Subject: Test To: Randy Bush Date: Fri, 5 Jan 2024 08:58:45 -0800 Return-path: Received: from psg.com ([2001:418:1::62]) by ran.

[exim] *SOLVED* Re: Re: Issues with external servers using incorrect ssl since around new years eve

2024-01-05 Thread Cyborg via Exim-users
BIG THANKS TO SLAVKO :D Am 05.01.24 um 14:38 schrieb Slavko via Exim-users: Dňa 5. januára 2024 13:15:37 UTC používateľ Cyborg via Exim-users napísal: Exim(-> openssl) does not accept one specific TLS 1.2 cipher on incoming connections anymore. Fact checked with s_client -tls1_2 -ciph

[exim] Re: Issues with external servers using incorrect ssl since around new years eve

2024-01-05 Thread Slavko via Exim-users
Dňa 5. januára 2024 13:15:37 UTC používateľ Cyborg via Exim-users napísal: >Exim(-> openssl) does not accept one specific TLS 1.2 cipher on incoming >connections anymore. >Fact checked with s_client -tls1_2 -cipher ECDHE-RSA-AES256-GCM-SHA384 Do you use EC(DSA) or RSA certificate? regard

[exim] Re: Issues with external servers using incorrect ssl since around new years eve

2024-01-05 Thread Cyborg via Exim-users
Hi All, Am 05.01.24 um 11:26 schrieb Cyborg via Exim-users: TLS error on connection from .  (SSL_accept): error:0AC1:SSL routines::no shared cipher The interessting part is, the server that now fail to supply a valid cipher could use TLS 1.2 with a correct TLS 1.2 cipher in mid decemb

[exim] Issues with external servers using incorrect ssl since around new years eve

2024-01-05 Thread Cyborg via Exim-users
Hi All, I'm noticing an increasing amount of failed connections with : TLS error on connection from .  (SSL_accept): error:0AC1:SSL routines::no shared cipher SSL on the server has not changed nor did exim, so I'm sure it's an issue on the remote side. The interessting part is, the