[SOLVED] Re: exim4 & libgnutls26: "A TLS packet with unexpected length was received."

[Adrian Zaugg <adi@ente.limmat.ch>]

Hi Antoine

After some investigation I found that the count for the mentioned error
was not slowly evolving, it was appearing at beginning of March a lot
more than before. So I checked for changes on my side and found I had
prolonged delays for hosts that are dns blacklisted too much (I set a
small penalty for hosts on DNSRBL and a larger delay for positive
spamassassin results to waste spammers resources).

Some providers have very short time-outs and it seems TLS connection
cannot be left open too long without sending anything anyway, which both
leads to the error in my logs. Especially sendgrid has short delays and
their hosts are often on blacklists, so I saw the error coming up very
often with sendgrid hosts.

As soon as I reduced the delay for blacklisted hosts to 15 seconds again
instead of 35, the error disappeared and things run normally again now.

So the error is mine and I apologize for the noise on the list.

Thank you all for your answers.


Best regards, Adrian.


PS: I know it is bad practice to slow down legitimate connections, but I
see it a good practice to slow down spammers. Systems that appear on
blacklists do have a reason being listed and so the small penalty is
acceptable in my opinion even though the message being received is a
legitimate one.


On 30.03.17 14:20, Antoine Beaupré wrote:
> 
> So your first task is to contact the maintainer of that backport to make
> sure it's updated, with a CC on the backports list. :)
>