[BlueOnyx:22560] Re: Vacation Message not working.
Michael Stauber
mstauber at blueonyx.it
Mon Dec 17 01:33:02 -05 2018
Hi Mon Chan,
> The customer enable the vaction message but not working.
> We check the log, the error show Deferred: 403 4.7.0 TLS handshake. and
> stop to send the reply email.
The problem seems to be this here:
> Dec 17 13:18:11 mail sendmail[15411]: STARTTLS=server, error: accept
> failed=0, SSL_error=1, errno=0, retry=-1, relay=localhost [127.0.0.1]
> Dec 17 13:18:11 mail sendmail[15410]: STARTTLS=client:
> 15410:error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key
> too small:s3_clnt.c:3345:
> Dec 17 13:18:11 mail sendmail[15410]: ruleset=tls_server, arg1=SOFTWARE,
> relay=[127.0.0.1], reject=403 4.7.0 TLS handshake.
The exact error message being:
------------------------------------------------------------
SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small:s3_clnt.c:3345
------------------------------------------------------------
This means the host (mail.gsnt.net) is using Diffie-Hellman keys for his
TLS connection that are too small, so the chiffre and protocol
negotiation does not conclude. The problem is on mail.gsnt.net's end.
It's a 5107R and from the looks of it it's missing a few years worth of
updates. At the least it could be upgraded to 5207R via this guide:
https://www.blueonyx.it/index.php?page=upgrade
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list