Neil S. Briscoe
2009-Apr-16 14:33 UTC
[Pkg-exim4-users] Sudden failure of TLS from one client
Hi All of our servers around the globe are running Debian Lenny with one exception, which is running Ubuntu. This latter host suddenly started to fail sending mails through to the smarthost. On this client server the error messages were TLS error on connection to server.example.tld [1.2.3.4] (gnutls_handshake): Internal error in memory allocation. On the smarthost to which it was talking - the message was TLS error on connection from reversedns.example.tld (server.example.tld) [2.3.4.5] (gnutls_handshake): A TLS packet with unexpected length was received. For the time being, in order to allow the client to send mail to the smart host I have had to stop advertising TLS to the client. I did read through a thread I found on Google. A TLS mail I sent using swaks worked just fine - and this seems to indicate some problem with the gnutls libraries. The last update - of all machines - was last Sunday - and things have been working fine all week until today. Obviously, I am not happy that I am having to send mail without the benefit of TLS from this one client. Sorry for dropping what you might call an Ubuntu problem on this list - but I''d be grateful for further suggestions of things to try so that I can send using TLS again from this client. Many thanks. Regards Neil -- Neil Briscoe CensorNet Ltd - professional & affordable Web & E-mail filtering neil.briscoe at censornet.com web: www.censornet.com tel: 0845 230 9592 / fax: 0845 230 9591 / main office: 0845 230 9590 snail: The Old Post Office, Bristol Rd, Hambrook, Bristol BS16 1RY. UK. MSN: nbriscoeuk at hotmail.co.uk CensorNet Ltd is a registered company in England & Wales No. 05518629 VAT registration number 901-2048-78 Any views expressed in this email communication are those of the individual sender, except where the sender specifically states them to be the views of a member of CensorNet Ltd. CensorNet Ltd does not represent, warrant or guarantee that the integrity of this communication has been maintained nor that the communication is free of errors or interference. ------------------------------------------------------------------------------------ Scanned for viruses, spam and offensive content by CensorNet MailSafe Try CensorNet free for 14 days. Provide Internet access on your terms. Visit www.censornet.com for more information.
Andreas Metzler
2009-Apr-16 17:39 UTC
[Pkg-exim4-users] Sudden failure of TLS from one client
Neil S. Briscoe <neil.briscoe at censornet.com> wrote:> All of our servers around the globe are running Debian Lenny with one > exception, which is running Ubuntu.> This latter host suddenly started to fail sending mails through to the > smarthost.> On this client server the error messages were > TLS error on connection to server.example.tld [1.2.3.4] > (gnutls_handshake): Internal error in memory allocation.[...] The only mahjor difference I can think off is this one: Gnutls in Ubuntu (at least jaunty) and Debian lenny differs in the handling of x509 v1 root certificates. Debian lenny is patched to accept them by default. Ubuntu and Debian sid keep upstream''s behavior of rejecting these certs by default. cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.'' `I sew his ears on from time to time, sure''