• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Qmail fails due to dh key length

D

deltatech

Regular Pleskian
I have been seeing these in my log and received complaints from customers not able to get their mail out. These messages just stay in the queue and go no where.

Can anyone post what they are successfully using as a tlsserverciphers and tlsclientciphers? Maybe it the dh key being too small. How can this be fixed on Qmail?


qmail: 1436646171.830486 delivery 6: deferral: TLS_connect_failed:_error:14082174:SSL_routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh_key_too_small;_connected_to_170.49.86.238.
 
Last edited:
IgorG said:
http://talk.plesk.com/threads/plesk-12-odin-script-to-disable-sslv3-problems.333574/
Click to expand...
I have already read that thread. It didn't help. We are able to do TLS just fine with most servers but there are some that gives that error about dh_key_too_small.

So it seems that TLS is working mostly but not for servers that require a 2048 bit dh key. Is there a way to have qmail use a 2048 bit dhparms key? If not, is there a patch coming soon? I am wondering if we need to move to postfix to fix this.
 
You must log in or register to reply here.

Similar threads

S
Resolved Dovecot Broken After Latest Update
Replies
4
Views
3K
scpcomp
S
Alex Presland
Issue Emails forwarded by Plesk fail DKIM checks with certain attachments
2
Replies
21
Views
9K
Alex Presland
Alex Presland
M
Issue Qmail / Dovecot - mail forwarding fails endlessly
Replies
5
Views
3K
mw004
M
D
Resolved Qmail Cannot Receive Mail: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)
Replies
2
Views
3K
DaveDoesStuff
D
IATechsupport
Plesk 12 Odin script to disable SSLv3 problems
Replies
6
Views
3K
UFHH01
U
Back
Top