Re: Sendmail problem after upgrade to r284296

2015-06-15 Thread Gregory Shapiro
The change of default has been committed to HEAD and will be MFC'ed in the next day or two. Likewise, UPDATING from HEAD has been updated with:

20150615: The fix for the issue described in the 20150614 sendmail entry below has been committed in revision 284436. The work

Re: Sendmail problem after upgrade to r284296

2015-06-15 Thread Kevin Oberman
On Mon, Jun 15, 2015 at 5:22 AM, Frank Seltzer wrote:
> On Sun, 14 Jun 2015, Gregory Shapiro wrote:
>
>>> I created it per your instructions. See above about it not existing
>>> previously.
>>
>> Oh, sorry for the confusion. Seems an emergency patch is in order to
>> change the default.
>

Re: Sendmail problem after upgrade to r284296

2015-06-15 Thread Frank Seltzer
On Sun, 14 Jun 2015, Gregory Shapiro wrote: I created it per your instructions. See above about it not existing previously. Oh, sorry for the confusion. Seems an emergency patch is in order to change the default. Would you be willing to test this patch (apply, build, install, remove dh.pa

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Gregory Shapiro
On Sun, Jun 14, 2015 at 08:23:33PM -0700, Gregory Shapiro wrote:
> > I created it per your instructions. See above about it not existing
> > previously.
>
> Oh, sorry for the confusion. Seems an emergency patch is in order to change
> the default.

For now, I've added an UPDATING entry:

+2015061

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Gregory Shapiro
> I created it per your instructions. See above about it not existing
> previously.

Oh, sorry for the confusion. Seems an emergency patch is in order to change the default.

Would you be willing to test this patch (apply, build, install, remove dh.params file, and restart)? The patch changes

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Frank Seltzer
On Sun, 14 Jun 2015, Gregory Shapiro wrote: After the update I got your email and followed your instructions, except for moving dh.param because it didn't exist, and sendmail is happy now. Happy to hear sendmail is happy. I checked and there is still no mention of this in /usr/src/UPDATING s

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Gregory Shapiro
> After the update I got your email and followed your instructions, except for
> moving dh.param because it didn't exist, and sendmail is happy now.

Happy to hear sendmail is happy.

> I checked and there is still no mention of this in /usr/src/UPDATING so my
> question is, when and how is dh.para

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Karl Denninger
On 6/14/2015 19:21, Frank Seltzer wrote:
> I updated source and rebuilt world and kernel with no change in
> sendmail's behavior. This is the revision I have now:
>
> root@Ace:/etc/mail/certs # svnlite info /usr/src/
> Path: /usr/src
> Working Copy Root Path: /usr/src
> URL: svn://ace/src/stable/1

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Frank Seltzer
I updated source and rebuilt world and kernel with no change in sendmail's behavior. This is the revision I have now:

root@Ace:/etc/mail/certs # svnlite info /usr/src/
Path: /usr/src
Working Copy Root Path: /usr/src
URL: svn://ace/src/stable/10
Relative URL: ^/stable/10
Repository Root: svn://a

Re: dhparam (was: sendmail problem after upgrade to r284296)

2015-06-14 Thread Claus Assmann
BTW: You can check the file using:

$ openssl dhparam -C < dhparam.pem | fgrep get_dh
DH *get_dh768()
          ^^^

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Gregory Shapiro
> # DHParameters (only required if DSA/DH is used)
> O DHParameters=/etc/mail/certs/dh.param
>
> # DHParameters (only required if DSA/DH is used)
> O DHParameters=/etc/mail/certs/dh.param
>
> Again, default values, no changes to the installed files made.

Try recreating those -- I'm not exactly s

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Frank Seltzer
On Sun, 14 Jun 2015, Gregory Shapiro wrote: The new OpenSSL eliminated small DHParam support. That leaves two possibilities: 1. The remote side you are talking to is using a small value. The best thing to do would be to eliminate the DH ciphers from your settings. See the docs for the Cip

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Gregory Shapiro
> Jun 14 00:50:04 Ace sm-msp-queue[79406]: STARTTLS=client, error: connect failed=-1, reason=dh key too small, SSL_error=1, errno=0, retry=-1
> Jun 14 00:50:04 Ace sm-msp-queue[79406]: ruleset=tls_server, arg1=SOFTWARE, relay=[127.0.0.1], reject=403 4.7.0 TLS handshake.

The new OpenSSL elimi

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Esa Karkkainen
On Sun, Jun 14, 2015 at 10:57:13AM -0400, Frank Seltzer wrote:
> Am I the only one seeing this?

Nope, I had the same issues after upgrading from 10.1-RELEASE-p10 to 10.1-RELEASE-p12 using freebsd-update. I fixed this in my home environment by disabling TLS in sendmail.cf, by commenting e.g. adding

Re: Sendmail problem after upgrade to r284296

2015-06-14 Thread Matthew Seaman
On 14/06/2015 10:57, Frank Seltzer wrote:
> Because of a recent alert I updated both of my FreeBSD computers (both
> running 10.1-STABLE and built from /etc/src) to r284296 and am having a
> problem with sendmail. Sendmail is giving me the following error every
> 30 minutes:
>
> Jun 14 09:50:04 Ac

Sendmail problem after upgrade to r284296

2015-06-14 Thread Frank Seltzer
I didn't get any hits from a mailing list search and there is no mail or sendmail list so I am sending it here because stable is what I'm running. Because of a recent alert I updated both of my FreeBSD computers (both running 10.1-STABLE and built from /etc/src) to r284296 and am having a prob