TLS_not_available:_connect_failed:_error:00000000:lib(0):fun

[souperdad]

My network is setup as follows. I have a qmail server that recevies all email to my domain and forwards it to an internal M$ Exchange server. I also have a M$ Certificate Server installed as well.

As of yesterday the emails are not getting to the exchange box. They are piling up in the queue on the qmail server. I get the following error message in /var/log/qmail/qmail-send/current
TLS_not_available:_connect_failed:_error:00000000:lib(0):func(0):reason(0)/

Yesterday I installed the Latest and Greatest Symantec Antivirus Corporate edition on my Exchange server. I've read a few posts about Antivirus causing problems with TLS if the Mail Auto-protect was enabled. I have disabled it as people have suggested but I still get the error message.

I was messing with the Certs on the M$ Cert server but I dodn't think that would make any difference to qmail.

Has anyone run into this issue before or have any suggestions?

[cselkirk]

As I remember this has been reported on the qmail mailing list, I'm not sure exactly what causes it but one solution (if you only need TLS for clients connections) is to replace qmail-remote with qmail-remote from a non TLS patched build (at least thats probably your best bet for a quick fix .. at least you would be able to pass mail on to the Exchange server until there is a better solution).

HTH

EDIT: forgot to mention, you can't build with a "USE="-ssl" ebuild /usr/portage/mail-mta/qmail/qmail-1.03-r13.ebuild unpack" as the STARTTLS patch is applied regardless (the +ssl only pulls in openssl as a dependency), so, you will need to use PORTDIR_OVERLAY and comment out the STARTTLS patch. Then you can: