Package: stunnel4 Version: 3:4.29-1 Severity: normal I have to use stunnel with postfix in order to achieve TLS wrapper mode for sending mails. Each time after booting, mails get deferred instead of sent. This continues to happen until I run '/etc/init.d/stunnel4 restart'. From then on, mails are sent successfully.
The stunnel4 and postfix startup scripts are installed as S21stunnel4 and S22postfix. Perhaps the solution would be to change the stunnel4 script to S23stunnel4 instead, so as to change the order of their startup? (I haven't yet tried this, so I don't know.) My postfix configuration file is as follows. /etc/postfix/main.cf: smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no append_dot_mydomain = no readme_directory = no #=====Options for using stunnel wrapper for TLS======= smtp_use_tls = no smtp_enforce_tls = no relayhost = [127.0.0.1]:11125 #=====End stunnel Options======= smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtp_sasl_auth_soft_bounce = no myhostname = abcdefg alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases mydestination = abcdefg, localhost.localdomain, localhost mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_command = procmail -a "$EXTENSION" mailbox_size_limit = 0 recipient_delimiter = inet_interfaces = all inet_protocols = ipv4 -- System Information: Debian Release: 6.0.5 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'proposed-updates') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages stunnel4 depends on: ii adduser 3.112+nmu2 add and remove users and groups ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libssl0.9.8 0.9.8o-4squeeze13 SSL shared libraries ii libwrap0 7.6.q-19 Wietse Venema's TCP wrappers libra ii netbase 4.45 Basic TCP/IP networking system ii openssl 0.9.8o-4squeeze13 Secure Socket Layer (SSL) binary a ii perl-modules 5.10.1-17squeeze3 Core Perl modules stunnel4 recommends no packages. Versions of packages stunnel4 suggests: pn logcheck-database <none> (no description available) -- Configuration Files: /etc/default/stunnel4 changed: ENABLED=1 FILES="/etc/stunnel/*.conf" OPTIONS="" PPP_RESTART=0 /etc/stunnel/stunnel.conf changed: ; Sample stunnel configuration file by Michal Trojnara 2002-2009 ; Some options used here may not be adequate for your particular configuration ; Please make sure you understand them (especially the effect of the chroot jail) ; Certificate/key is needed in server mode and optional in client mode cert = /etc/stunnel/stunnel.pem ;key = /etc/ssl/certs/stunnel.pem ; Protocol version (all, SSLv2, SSLv3, TLSv1) sslVersion = SSLv3 ; Some security enhancements for UNIX systems - comment them out on Win32 chroot = /var/lib/stunnel4/ setuid = stunnel4 setgid = stunnel4 ; PID is created inside the chroot jail pid = /stunnel4.pid ; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 ;compression = zlib ; Workaround for Eudora bug ;options = DONT_INSERT_EMPTY_FRAGMENTS ; Authentication stuff ;verify = 2 ; Don't forget to c_rehash CApath ; CApath is located inside chroot jail ;CApath = /certs ; It's often easier to use CAfile ;CAfile = /etc/stunnel/certs.pem ; Don't forget to c_rehash CRLpath ; CRLpath is located inside chroot jail ;CRLpath = /crls ; Alternatively you can use CRLfile ;CRLfile = /etc/stunnel/crls.pem ; Some debugging stuff useful for troubleshooting ;debug = 7 ;output = /var/log/stunnel4/stunnel.log ; Use it for client mode ;client = yes ; Service-level configuration ;[https] ;accept = 443 ;connect = 80 ;TIMEOUTclose = 0 [smtp-tls-wrapper] accept = 11125 client = yes connect = relay.provider.net:465 ; vim:ft=dosini -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
