Date: Thu, 18 Jun 2015 11:26:19 -0400 From: Mike Tancsa <mike@sentex.net> To: freebsd-stable@freebsd.org Subject: Re: sendmail: TLS interop Message-ID: <5582E31B.1050705@sentex.net> In-Reply-To: <20150618144326.GA29275@x2.esmtp.org> References: <CAAoTqft7wRi9Ov_oiCk64HwbT%2BrXn-AvkOd-%2BVeFhq_s8bE7NA@mail.gmail.com> <CAAoTqfvchXndzgCRDyJXCz%2BUOi93w1v-vvKvoLMgPLk6cHh4Dw@mail.gmail.com> <5582C749.9060801@sentex.net> <20150618144326.GA29275@x2.esmtp.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 6/18/2015 10:43 AM, Claus Assmann wrote: > On Thu, Jun 18, 2015, Mike Tancsa wrote: > >> But we also have been seeing the odd site that cannot accept mail now >> with opportunistic encryption, so we had to disable TLS for them :( > > Do you have a list of those? > Are those sites having problems with larger DH primes? Actually, Looking at the error message, I guess its on our end. STARTTLS=client, error: connect failed=-1, reason=dh key too small, SSL_error=1, errno=0, retry=-1 I added define(`confDH_PARAMETERS', `2') to this particular server ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5582E31B.1050705>