Archive for October, 2011
Windows 7 explorer really slow to open “Searching for items”
and the green bar of death, taking maybe 10 or 15 seconds before you can use the folder.
Another ‘feature’ of Windows 7 apparently:
http://www.sevenforums.com/performance-maintenance/10330-explorer-slow-large-folders.html
(in case the link goes bad: select the folder -> properties ->customize -> and set type to general (or something other than whatever it is)
WTF…wordpress lost all my catagories!
No, not really. But if /tmp fills up that’s one of the symptoms.
gmail and TLS problem with qmail or postfix on Plesk systems
I fixed this once in June but never wrote it down. It seems to have broken again. Here’s the original notes I had below.
(and an additional reminder: most ISPs are going to block port 25 so you need to telnet from some place with a real internet connection)
Bit of self followup to the original post below.
Testing via telent:
ehlo foo.com
250-u########.com
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250 8BITMIME
starttls
454 4.3.3 TLS not availableIn looking for answers one common theme was that /var/qmail/control/servercert.pem must be “bad” but as noted below changing it didn’t make a difference. I’ve now also noted that *removing* it doesn’t make a difference either, and qmail doesn’t seem to create any error messages.
My system is totally stock. So it seems like the default Plesk install of qmail has a broken TLS implementation? Seems unlikely. I have no idea where problem might be.
========================================================================================
About 3 weeks ago I started noticing that email from gmail users was not making it through the server. I think it’s some sort of TLS problem but I’m not clear as to what changed and/or how to fix it.Plesk 10.2.0 with psa-qmail 1.03-cos5.build1011110330.18
My server reports:
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-AUTH LOGIN CRAM-MD5 PLAIN
250-STARTTLS
250 8BITMIMEbut if I trace the the google/qmail exchange I see this:
30811] select mask – CLT-RCV CLT-SND SRV-RCV
30811] >Client: 454 4.3.3 TLS not availableafter some searching I found this:
http://www.google.com/support/forum/p/gm…f1789f768&hl=enand following the same steps as in that post it would appear /var/qmail/control/servercert.pem has a problem as when I try
openssl verify servercert.pem
I get
error 20 at 0 depth lookup:unable to get local issuer certificateFollowing the references to here to create a new one:
http://forum.parallels.com/showthread.php?t=7113but when I test SSL on port 25 it I still get the same error message:
8982:error:140770FCSL routinesSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:475:
And how did I fix it? GFQ, as the only notes I made was:
I switched from qmail to postfix as the MTA. However the same TLS problem was showing up. However, unlike qmail, with postfix I could actually figure out how to shut off TLS.
So now I seem to need to fix it again, and this time I’ll make a note about what postfix file you edit to disable TLS. I suspect an upgrade of Plesk changed some settings, that seems to happen sometimes…and I forgot to backup /etc before starting this last time around.
Just for the record, same problem as before:
ehlo foo.com
250-u######.com
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5
250-XFORWARD NAME ADDR PROTO HELO SOURCE
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
starttls
454 4.3.3 TLS not available
Some links on the topic:
http://serverfault.com/questions/129771/how-to-disable-tls-in-postfix
http://www.postfix.org/TLS_README.html
so in main.cf find/edit this section:
smtpd_tls_security_level = none # was may
smtpd_use_tls = yes
smtp_tls_security_level = may
smtp_use_tls = no