"Also, qmail-remote will try to do TLS with other smtp servers and fail if there is no certificate. Also, MAKE SURE you run "make tmprsadh", and set up the cron job for update_tmprsadh (per the TLS instructions) so that you don't saturate your CPU with temp key generations."

----- Original Message -----
From: "Jason 'XenoPhage' Frisvold" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 03, 2004 10:52 PM
Subject: Re: [toaster] TLS Delays?

> Jason 'XenoPhage' Frisvold wrote:
>
> > Hi all,
> >
> > I'm using the smtpauth and tls patch located here:
> > http://shupp.org/patches/netqmail-1.05-tls-smtpauth-20040705.patch
> >
> > I'm seeing significant delays (20-30 seconds) when sending mail
> > from both Thunderbird and Evolution. These delays only occur when
> > using secure SMTP. The logs show the TLS session starting, the client
> > sends some TLS stuff (I can't read it) and then the waiting begins.
> > About 20-30 seconds later, the server starts responding with more
> > stuff and the email is sent.
> >
> > Any idea what the problem here may be? Any clue how I can fix it?
> > This occurs on every mail sent via secure SMTP. Turn off Secure SMTP
> > and the emails fly through like it's nothing.
> >
> > Thanks!
> >
>
> I did some debugging via openssl s_client and it seems that the wait is
> between the client hello and the server hello. Once the server hello
> comes back, the key exchange, cipher stuff, handshakes, and actual
> sending of mail take only a second or so...
>
> qmail-smtpd seems to jump to 100% processor when I try to negotiate
> TLS... This would, obviously, be a problem.. :) Any idea why it might
> do this??
>
> --
> ---------------------------
> Jason 'XenoPhage' Frisvold
> Engine / Technology Programmer
> [EMAIL PROTECTED]
> RedHat Certified - RHCE # 803004140609871
> MySQL Pro Certified - ID# 207171862
> MySQL Core Certified - ID# 205982910
> ---------------------------
> "Something mysterious is formed, born in the silent void. Waiting alone
> and unmoving, it is at once still and yet in constant motion. It is the
> source of all programs. I do not know its name, so I will call it the
> Tao of Programming."
>
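
A check for the situation described at the top of this message, as an added example that is not part of the original thread or the patch: it reports whether the pre-generated temporary key files that "make tmprsadh" and the update_tmprsadh cron job are meant to maintain are present and recently refreshed. The function name, the age threshold, and the directory and file names passed as arguments are assumptions; take the real ones from your own installation.

```shell
#!/bin/sh
# Added example (not from the thread or the TLS patch).
# Reports whether pre-generated temporary RSA/DH key files exist, are
# non-empty, and have been refreshed recently. The directory and file
# names are supplied by the caller; none are taken from the thread.

check_tmp_params() {
    # usage: check_tmp_params DIR MAX_AGE_DAYS FILE...
    # returns 0 if every file is present and fresh, 1 otherwise
    dir=$1
    max_days=$2
    shift 2
    status=0
    for f in "$@"; do
        path="$dir/$f"
        if [ ! -s "$path" ]; then
            # Missing or empty: the server has nothing pre-generated to
            # load, the case the reply above warns about.
            echo "MISSING $path"
            status=1
        elif [ -n "$(find "$path" -mtime +"$max_days" -print)" ]; then
            # find -mtime +N matches files whose age in whole days
            # exceeds N, i.e. the cron refresh has not run lately.
            echo "STALE   $path (age exceeds $max_days days)"
            status=1
        else
            echo "OK      $path"
        fi
    done
    return "$status"
}

# Run directly as: sh check_tmp_params.sh DIR MAX_AGE_DAYS FILE...
# (the script name is hypothetical)
if [ "$#" -ge 3 ]; then
    check_tmp_params "$@"
fi
```

A non-zero exit status makes this usable from monitoring, so a silently broken cron job shows up before clients start seeing handshake delays again.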