[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mutt Mail to List Fails

[ I assume that you sent this privately by mistake, so I forward it to
  the list. ]

> From: Johannes Wiedersich
> To: Florian Kulzer
> Subject: Re: Mutt Mail to List Fails
> Date: Mon, 08 Sep 2008 19:03:00 +0200
> [Sorry for semi-hijacking the thread, but on a related issue... ]
> On 2008-09-07 21:23, Florian Kulzer wrote:
> > You could also try to use another smtp client to post from Mutt, for
> > example msmtp, which can be installed and used in parallel to postfix.
> > If your version of mutt is new enough then you can also try its built-in
> > smtp engine:
> > 
> > set smtp_url="smtp[s]://USER:PASSWORD@your.isp.com"
> On setting this, I get the following error:
> gnutls_handshake: The Diffie Hellman prime sent by the server is not
> acceptable (not long enough).

Diffie-Hellman key exchange is used to establish a shared secret between
you and the server over an insecure channel (the internet). It seems
that your server bases the exchange on a prime number whose length is
considered insufficient by gnutls. You can install the gnutls-bin
package find out what is going on. Running

$ gnutls-cli $YOUR_SMTP_SERVER

should give you information like this:

- Ephemeral Diffie-Hellman parameters
 - Using prime: 1032 bits
 - Secret key: 1015 bits
 - Peer's public key: 1032 bits

You can then try to set ssl_min_dh_prime_bits in your ~/.muttrc to allow
for shorter primes, or you can try to convince the administrator of your
server to switch to longer keys/primes.

> The same server works fine (no complaints) with icedove. This is on lenny.

Icedove uses libnss3-1d instead of libgnutls26; maybe libnss3-1d is less
stringent with the minimum prime length.

Regards,            | http://users.icfo.es/Florian.Kulzer
          Florian   |

Reply to: