• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

critical qmail bug on centos after microupdate #57

G

gatwtal

New Pleskian
Hello,

after the last automatic update of plesk panel (10.4.4, microupdate #57) qmail is no longer able to deliver emails to web.de/gmx.de mailboxes. Before the update this worked fine.
The error log shows messages like:

Dec 10 16:25:44 web01 qmail-remote-handlers[19876]: Handlers Filter before-remote for qmail started ...
Dec 10 16:25:44 web01 qmail-remote-handlers[19876]: from=***@***.de
Dec 10 16:25:44 web01 qmail-remote-handlers[19876]: to=***@web.de
Dec 10 16:25:44 web01 qmail: 1386689144.224948 delivery 2525: deferral:
TLS_connect_failed:_error:100AE081:elliptic_curve_routines:EC_GROUP_new_by_curve_name:unknown_groupZConnected_to_213.165.67.120_but_connection_died._er
ror:100AE081:elliptic_curve_routines:EC_GROUP_new_by_curve_name:unknown_group_(#4.4.2)/
Click to expand...

No other changes were performed on the server (centos 6.2).

I already tried to disable the TLS connection by placing files in /var/qmail/control/notlshosts like gmx.de or mx00.gmx.net but nothing works but qmail still uses TLS for those domains

I really need help here. We have about 45000 emails in queue (after sending a newsletter).

Best regards
Martin
 
Its probably because your openssl library) is out of date. A really important update for that came out in CentOS 6.5 recently.
 
No, the Centos 6.5 update doesn't help. This is a problem in all centos/redhat release when using tls - a bug report can be found here: https://bugzilla.redhat.com/show_bug.cgi?id=1019390#c2
I also have confirmation from another German user that 6.5 makes no difference here.
Something changed with the last plesk update at december 3rd. Before this update it did work (probably because tls wasn't used when communicating with web.de/gmx.de).
 
It seems the plesk update installed openssl 1.0.1-e15 which introduced the problem. openssl 1.0.1-e16 fixes this problem (update with yum update openssl).
 
Is is possible that this bug is alive... again with the latest openssl-updates? When sending e-mails via TLS (qmail + openssl 16.el6_5.14) we receive errors like this

Jul 29 05:16:31 XXX qmail: 1406603791.854933 delivery 1559: deferral: TLS_connect_failed;_connected_to_XXX.XXX.XXX.XXX./
Jul 29 05:16:31 XXX qmail: 1406603791.854953 status: local 0/10 remote 0/20
Click to expand...
 
You must log in or register to reply here.

Similar threads

marek999
Resolved postfix/smtp Connection timed out
Replies
2
Views
34K
marek999
marek999
H
Issue child 27377 exited with code 0 after 27411.172160 seconds from start
Replies
5
Views
20K
IgorG
IgorG
V
Issue Error while installation on CentOS 7, language problem
Replies
2
Views
5K
vospy
V
Stephan Lallement
IPV6 mail Forwarding with GMAIL
Replies
3
Views
5K
Lewutan
L
MarceauC
Issue Yum broken after 12.5 #44 (Centos 6.8)
Replies
0
Views
2K
MarceauC
MarceauC
Back
Top