David: that was it! I get the following:

    250-TLS
    250-HELP
    250-STARTTLS
    250-DSN
    250-SIZE 20480000
    250-8BITMIME
    250 PIPELINING
    starttls
    220 Ready to start TLS
    Connection closed by foreign host.

The server closed the connection immediately after doing the starttls. So it's a problem in the other server.

regards,
Ingo

_____________________________________________
From: Pollack, David [mailto:[EMAIL PROTECTED]
Sent: Monday, April 04, 2005 13:05
To: 'toaster@shupp.org'
Subject: [toaster] TLS connect failed

There are a couple of things to check here.

* Look in /var/log/qmail/qmail-send/current - are you seeing permissions errors for "clientcert.pem" and/or "servercert.pem"?

* Make sure you have servercert.pem and clientcert.pem in /var/qmail/control, and that they are readable by the user that is running qmail. The simplest thing to do is to chown the files so that the qmail group is the owner - this way you're sure that all the qmail users can read it.

* If this is happening with only ONE host on the internet - like, it always fails to "domain.com" - there's a chance that the remote server is not configured correctly for TLS, but is saying that it is. You can test this like this:

    slimy:~> telnet mx1.domain.com 25
    Trying 216.251.32.71...
    Connected to mx1.domain.com.
    Escape character is '^]'.
    220 mail107.domain.com ESMTP Sendmail 8.13.1/8.13.1; Thu, 31 Mar 2005 12:01:12 -0500
    ehlo domain.com
    250-mail107.domain.com Hello slimy.dreamhost.com [205.196.208.18], pleased to meet you
    250-ENHANCEDSTATUSCODES
    250-PIPELINING
    250-8BITMIME
    250-SIZE 52428800
    250-DSN
    250-AUTH PLAIN LOGIN
    250-STARTTLS
    250-DELIVERBY
    250 HELP
    starttls
    220 2.0.0 Ready to start TLS

If you can't execute the "STARTTLS" command, something could be wrong on the remote server.

Good luck,
david

-----Original Message-----
From: Ingo Claro [mailto:[EMAIL PROTECTED]
Sent: Monday, April 04, 2005 11:41 AM
To: toaster@shupp.org
Subject: [toaster] TLS connect failed

Hello all,

I've encountered the following bounce from my server:

    <[EMAIL PROTECTED]>:
    TLS connect failed; connected to xxx.xxx.xxx.xxx.
    I'm not going to try again; this message has been in the queue too long.

Does anyone know why it happens?

regards,
Ingo
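
The manual telnet check from this thread, as an added example that is not code from either poster: a small Python classifier that reads a pasted SMTP session and reports the point where STARTTLS stops. The function name, the result labels and the sample sessions are constructed for illustration, modelled on the two sessions quoted above.

```python
import re

# One SMTP reply line: 3-digit code, "-" (more lines follow) or " " (last line), text.
REPLY = re.compile(r"^(\d{3})([ -])(.*)$")

def classify_starttls(transcript):
    """Report where a pasted SMTP session stops on the way to TLS.

    Result labels are hypothetical names chosen for this example.
    """
    advertised = sent = closed = False
    starttls_code = None
    for raw in transcript.splitlines():
        line = raw.strip()
        m = REPLY.match(line)
        if m:
            code, _, text = m.groups()
            if sent and starttls_code is None:
                starttls_code = code            # first reply after the command
            elif not sent and code == "250":
                # EHLO keywords are case-insensitive and may carry parameters
                if text.split(" ")[0].upper() == "STARTTLS":
                    advertised = True
        elif line.upper() == "STARTTLS":
            sent = True
        elif "connection closed" in line.lower():
            closed = starttls_code == "220"     # only a drop after 220 counts
    if not advertised:
        return "not-advertised"
    if not sent:
        return "not-attempted"
    if starttls_code != "220":
        return "command-rejected"
    return "closed-after-220" if closed else "ready-for-handshake"

# Constructed sample sessions (hostnames are placeholders).
DROPPED = """\
220 mx.example.test ESMTP
ehlo client.example.test
250-mx.example.test
250-STARTTLS
250-8BITMIME
250 PIPELINING
starttls
220 Ready to start TLS
Connection closed by foreign host.
"""
ACCEPTED = DROPPED.replace("Connection closed by foreign host.\n", "")
REJECTED = DROPPED.replace("220 Ready to start TLS", "454 TLS not available")

if __name__ == "__main__":
    for name in ("DROPPED", "ACCEPTED", "REJECTED"):
        print(name, "->", classify_starttls(globals()[name]))
```

A "ready-for-handshake" result only shows that the server accepted the command; telnet cannot carry out the TLS handshake itself, so certificate or cipher problems need a TLS-capable client to surface.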