Results 1 to 7 of 7

Thread: exim4 error afther installing commercial certificate

  1. #1
    Join Date
    Feb 2006
    Posts
    7
    Rep Power
    9

    Default exim4 error after installing commercial certificate

    Hello out there,

    I got a "little" (hope so) problem I can't resolve.

    Since last week I had Zimbra 4.5.x running on debian sarge and so I had to dist-upgrade my system before installing Zimbra 5.0.5. Everything works fine (of course some little problems) and since last thursday the new Zimbra on debian etch is running. Yesterday I installed a new SSL certificate (Thawte.com) after testing with the VeriSign test certificate for a few days. I installed the new certificate with this command as root (found it here):

    /opt/zimbra/bin/zmcertmgr deploycrt comm /PATH/FILENAME /opt/zimbra/curl-7.17.0/share/curl/curl-ca-bundle.crt

    It works fine I thougt, but now I have a little problem (exim4 mainlog):

    recipient@domain.com R=smarthost T=remote_smtp_smarthost defer (-53): retry time not reached for any host

    There is no entry at zimbra log.
    This problems are on several server at my office, sending systemmails every day (for example bacula) and since installing the new certificate.
    I have some "online" (not here in office) server too and they are still sending mails. The different is in /etc/mailnane:

    inhouse server: mailserver.domain.com
    online server: domain.com

    Another change since with the new certificate:
    A user has to use NAME@domain.com + passwort to login at zimbra. Before that he just has to use NAME + password.

    Thats all I know at the moment. I already tried to change the exim configuration to domain.com.

    Our system uses IMAP with SSL/TLS auth, SMTP doesn't need SSL/TLS authentification.

    Hope to get some help,
    Sebastian
    Last edited by dent; 05-30-2008 at 04:02 AM.

  2. #2
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    12

    Default

    exim4 shouldn't be running at all.

  3. #3
    Join Date
    Feb 2006
    Posts
    7
    Rep Power
    9

    Default

    Sorry I'm not sure what you mean. Of course exim4 is running (on the servers that can't send mails over the mailserver).

    Another information: the certificate is for the subdomain mailserver.domain.com - thats the domain of the mailserver and the IMAP/SMTP server.

  4. #4
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    12

    Default

    sorry, your original explanation is not clear then. exim4 should not be running on any server with zimbra - zimbra depends on its own builtin postfix. if you're running exim4 on other servers this shouldn't have anything to do with zimbra.

    apologies if i'm missing the point entirely!

  5. #5
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    12

    Default

    Another change since with the new certificate:
    A user has to use NAME@domain.com + passwort to login at zimbra. Before that he just has to use NAME + password.
    Are you sure you haven't just lost the default domain, or lost vhost settings per domain if you're using NE?

  6. #6
    Join Date
    Feb 2006
    Posts
    7
    Rep Power
    9

    Default

    2008-05-30 12:36:10 1K21xx-0005FP-B0 TLS error on connection to mailserver.domain.com [85.14.253.20] (gnutls_handshake): Internal error in memory allocation.
    2008-05-30 12:36:10 1K21xx-0005FP-B0 TLS session failure: delivering unencrypted to mailserver.domain.com [IP.AD.DR.ES] (not in hosts_require_tls)
    2008-05-30 12:36:10 1K21xx-0005FP-B0 => recipient@domain.com R=dnslookup T=remote_smtp H=mailserver.domain.com [IP.AD.DR.ES]
    2008-05-30 12:36:10 1K21xx-0005FP-B0 Completed


    this is the log of a "online" server which still sends mails.

    At admin interface of zimbra I changed the option "default domain" to mailserver.domain.com - it was on domain.com. But that was a few hours ago.


    EDIT:
    when I set up a new server inhouse with exim4 it works. Sill the warning above, but it works. But I already tried to reconfigure on other machines :/
    Last edited by dent; 05-30-2008 at 05:05 AM.

  7. #7
    Join Date
    Feb 2006
    Posts
    7
    Rep Power
    9

    Default

    I installed postfix on thow machines (debian is uninstalling exim with this progress) and then it works...

    I'm sure its a "known certificate" problem with exim4/gnutls. I read something about that. But I can't fix it.

Similar Threads

  1. Install a commercial SSL certificate ??
    By nick20 in forum Installation
    Replies: 6
    Last Post: 06-23-2010, 04:08 AM
  2. [SOLVED] Trouble installing commercial certificates on Zimbra
    By Miklos Kalman in forum Installation
    Replies: 5
    Last Post: 05-21-2008, 02:11 PM
  3. Installing a Commercial certificate
    By moetiker in forum Installation
    Replies: 4
    Last Post: 03-27-2008, 07:18 AM
  4. Certificate fun...
    By TommyTheKid in forum Administrators
    Replies: 2
    Last Post: 02-12-2008, 05:32 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •