Well I googled a little bit and found in Bill's toaster: *NOTE:* If you get an error like this:
20656:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:473: your qmail install might need the cipher lists. Debian does this, I don't know why. The following commands will fix it: openssl ciphers > /var/qmail/control/tlsclientciphers openssl ciphers > /var/qmail/control/tlsserverciphers It helped. I got in logs: @400000004729182225afb28c tcpserver: ok 6144 0:217.31.58.8:25 :82.208.9.159::36398 @40000000472918222a0879a4 CHKUSER rejected relaying: from <[EMAIL PROTECTED]::> remote <myserver.com:unknown:1.2.3.4> rcpt <[EMAIL PROTECTED]> : client not allowed to relay So it looks ok. But.... there is no record in dns_name or mail_log table in relaydelay database. Huh I've changed #define DEFAULT_LOCAL_SCAN_DEBUG 1 /* set to 1 to enable debugging */ in local_scan.c to enable debugging. Recompiled it, reinstalled and tried to send a message. Then tried to find a file with "local_scan" in it but without any success in /var/log. Uh oh. I am stuck now :D Roman Roman Bělonohý napsal(a): > Eeeeee another problem. > > I installed it using the rest of Jaroslav's man. > > Now I tried to send e-mail from my computer to the server with > greylisting patch. > > I am using another server as my smtp outgoing server. > > I then found a record on that smtp outgoing server. > > It unfortunately is: > > @4000000047290b2c31e070b4 info msg 1014402: bytes 606 from > <[EMAIL PROTECTED]> qp 30480 uid 89 > @4000000047290b2c329d830c starting delivery 72340: msg 1014402 to > remote [EMAIL PROTECTED] > @4000000047290b2c329d9694 status: local 0/10 remote 1/20 > @4000000047290b2c335526c4 delivery 72340: deferral: > TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake > _failure;_connected_to_217.31.58.8./ > @4000000047290b2c3355421c status: local 0/10 remote 0/20 > > > Didn't I "somehow (check my previous post what I did)" forced qmail to > accept e-mails only through SSL??? > > Or maybe it would be enough to activate possibility to accept e-mails > using SSL on that greylisting machine? > > Server propagates possibility to communicate with SSL but how should I > debug it or repair it? > > telnet localhost 25 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 server.com ESMTP > ehlo something.com > 250-server.com > 250-STARTTLS > 250-PIPELINING > 250-8BITMIME > 250-SIZE 0 > 250 AUTH LOGIN PLAIN CRAM-MD5 > > > I am completely LOST lol. > > Roman > > Lampa napsal(a): >> Hello, >> >> i tried as you. Same problem, edit Makefile find followed section: >> >> qmail-envelope-scanner: \ >> load qmail-envelope-scanner.o local_scan.o /usr/lib/mysql/libmysqlclient.a >> ./load qmail-envelope-scanner -lz -lm local_scan.o >> /usr/mysql/libmysqlclient.a >> >> and add after /usr/mysql/libmysqlclient.a you ssllib (eg something >> similiar /usr/lib/libssl.so) . You must add it to both lines >> >> >> 2007/10/31, Lampa <[EMAIL PROTECTED]>: >> >>> Hello, >>> >>> ok so try another: >>> >>> add libssl when linking qmail-envelope-scanner. >>> >>> See pattern " -L/usr/local/ssl/lib -lssl -lcrypto" below. When linking >>> qmail-smtpd where is not missing " -L/usr/local/ssl/lib -lssl >>> -lcrypto" pattern when linking mail-envelope-scanner.c there is >>> missing. >>> >>> Do you have nonstandart ssl instalation of ssl ? (installed in >>> /usr/local/ssl instead /usr ?) >>> >>> /load qmail-smtpd chkuser.o qregex.o rcpthosts.o commands.o timeoutread.o \ >>> timeoutwrite.o ip.o ipme.o ipalloc.o strsalloc.o control.o >>> control_time.o time.o \ >>> constmap.o tls.o ssl_timeoutio.o ndelay.a -L/usr/local/ssl/lib >>> -lssl -lcrypto \ >>> received.o date822fmt.o now.o qmail.o spf.o spam.o spam_get.o >>> cdb.a fd.a wait.a \ >>> datetime.a getln.a open.a sig.a case.a env.a stralloc.a \ >>> alloc.a strerr.a substdio.a error.a str.a fs.a auto_qmail.o >>> auto_uids.o base64.o `cat \ >>> socket.lib tai.lib dns.lib` dns.o lock.a `head -1 >>> /home/vpopmail/etc/lib_deps` >>> ./compile qmail-envelope-scanner.c >>> ./compile local_scan.c >>> ./load qmail-envelope-scanner -lz -lm local_scan.o >>> /usr/lib/mysql/libmysqlclient.a >>> >>> 2007/10/31, Roman Bělonohý <[EMAIL PROTECTED]>: >>> >>>> Strange, >>>> >>>> ./compile qmail-envelope-scanner.c >>>> ./compile local_scan.c >>>> ./load qmail-envelope-scanner -lz -lm local_scan.o >>>> /usr/lib/mysql/libmysqlclient.a >>>> /usr/lib/mysql/libmysqlclient.a(client.o): In function >>>> `mysql_close_free_options': >>>> (.text+0xa08): undefined reference to `SSL_CTX_free' >>>> .... >>>> >>>> ls -la /usr/lib/ | grep libmysqlclient.so >>>> lrwxrwxrwx 1 root root 30 Oct 31 14:46 libmysqlclient.so -> >>>> mysql/libmysqlclient.so.15.0.0 >>>> lrwxrwxrwx 1 root root 30 Oct 31 14:46 libmysqlclient.so.15 -> >>>> mysql/libmysqlclient.so.15.0.0 >>>> lrwxrwxrwx 1 root root 30 Oct 31 14:46 libmysqlclient.so.15.0 -> >>>> mysql/libmysqlclient.so.15.0.0 >>>> lrwxrwxrwx 1 root root 30 Oct 31 14:46 libmysqlclient.so.15.0.0 -> >>>> mysql/libmysqlclient.so.15.0.0 >>>> >>>> >>>> ls -la /usr/lib/mysql/ | grep libmysqlclient.so >>>> lrwxrwxrwx 1 root root 24 Oct 31 14:46 libmysqlclient.so -> >>>> libmysqlclient.so.15.0.0 >>>> lrwxrwxrwx 1 root root 24 Oct 31 14:46 libmysqlclient.so.15 -> >>>> libmysqlclient.so.15.0.0 >>>> -rwxr-xr-x 1 root root 1378484 Oct 31 14:46 libmysqlclient.so.15.0.0 >>>> >>>> >>>> ldd /usr/lib/mysql/libmysqlclient.so.15.0.0 >>>> linux-gate.so.1 => (0xffffe000) >>>> libcrypt.so.1 => /lib/libcrypt.so.1 (0xb7d92000) >>>> libnsl.so.1 => /lib/libnsl.so.1 (0xb7d7b000) >>>> libm.so.6 => /lib/libm.so.6 (0xb7d55000) >>>> libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0xb7d1f000) >>>> libcrypto.so.0.9.8 => /usr/lib/libcrypto.so.0.9.8 (0xb7c04000) >>>> libz.so.1 => /lib/libz.so.1 (0xb7bf4000) >>>> libc.so.6 => /lib/libc.so.6 (0xb7ac4000) >>>> /lib/ld-linux.so.2 (0x80000000) >>>> libdl.so.2 => /lib/libdl.so.2 (0xb7ac0000) >>>> >>>> >>>> So mysql should be compiled with ssl support. >>>> >>>> Could it be caused by any other error or my mistake? >>>> >>>> Thx, >>>> >>>> Roman >>>> >>>> >>>> >>> -- >>> Lampa >>> >>> >> >> >>
