Postfix and amavis - error on socket when SSL is used

Michael D. Wood mike at itsecuritypros.org
Mon Feb 2 15:58:23 CET 2015 

And you have the perl ssl library installed through cpan?

IO::Socket::SSL

Sent from my iPhone

> On Feb 2, 2015, at 3:17 AM, Seba <free4cd at googlemail.com> wrote:
> 
> Hi,
> 
> amavisd line 8392:
> 
>       if (length($post) > 20) { $post = substr($post,0,15) . '[...]' }
> 
> The whole section:
> 
>     $pre = substr($curr_head,0,pos($curr_head)-length($mid))  if !defined $pre;
>     $post = substr($curr_head,pos($curr_head))  if !defined $post;
>     if (defined $msg1) {
>       chomp($post);
>       if (length($mid)  > 20) { $mid  = substr($mid, 0,15) . '[...]' }
>       if (length($post) > 20) { $post = substr($post,0,15) . '[...]' }
>       if (length($pre)-length($field_name)-2 > 50-length($post)) {
>         $pre = $field_name . ': ...'
>                . substr($pre, length($pre) - (45-length($post)));
>       }
> 
> I've tried to disable the amavisd connection cache but the problem still exists.
> 
> Today, I get this messages in amavisd log:
> 
> Feb  2 08:31:46 filter amavis[1680]: (01680-06) (!)FWD from <xxxx at gmx.de> -> <recipient at mydomain.de>, 451 4.5.0 From MTA() during fwd-connect (Error upgrading socket to SSL: SSL connect attempt failed with unknown error error:14092110:SSL routines:SSL3_GET_SERVER_HELLO:attempt to reuse session in different context at /usr/sbin/amavisd-new line 7043.): id=01680-06
> Feb  2 08:31:46 filter amavis[1680]: (01680-06) Blocked MTA-BLOCKED {TempFailedInbound}, [212.227.15.19]:55087 [94.217.67.44] <xxxx at gmx.de> -> <recipient at mydomain.de>, Queue-ID: C3E4FBFD85, Message-ID: <12EC797D-55EE-4B41-A851-0102BFABBAE9 at gmx.de>, mail_id: Uy8tbh2N8JxD, Hits: 0, size: 3278, 2138 ms
> 
> Line 7043 of amavisd-new:
> 
>     %params,
> 
> The whole section:
> 
>   IO::Socket::SSL->start_SSL($sock, SSL_session_cache => $ssl_cache,
>     SSL_error_trap =>
>       sub { my($sock,$msg)=@_; do_log(-2,"Error on socket: %s",$msg) },
>     %params,
>   ) or die "Error upgrading socket to SSL: ".IO::Socket::SSL::errstr();
> 
> 2015-02-02 0:35 GMT+01:00 Michael D. Wood <mike at itsecuritypros.org>:
>> What does amavisd line 8392 say?
>> 
>> Sent from my iPhone
>> 
>> > On Feb 1, 2015, at 7:56 AM, Seba <free4cd at googlemail.com> wrote:
>> >
>> > amavisd line 8392
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20150202/0c0e5f97/attachment.html>

More information about the amavis-users mailing list