- Plesk for Linux
Unable to send mail out to a certain domain with Qmail. There are errors like the following in
Jun 16 12:48:02 xcp qmail: 1434451682.055439 delivery 190193: deferral: TLS_connect_failed:_error:14082174:SSL_routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh_key_too_small;_connected_to_22.214.171.124/
The issue is caused by different security settings (e.g. destination server has a Diffie-Hellman key with less size) or
packages installed on source and destination servers are different versions.
Note: Please consider switching to Postfix as the fastest and easiest way to resolve the issue.
IMPORTANT: this solution decreases the server security and might be used only in case of emergency. If the solution is not applicable due to security reasons, please, contact Plesk Technical Support to investigate the issue.
Add the server, which bounces mail, to trusted hosts list in Qmail:
# mkdir /var/qmail/control/notlshosts
# touch /var/qmail/control/notlshosts/mail.example.com
Note: Qmail sends message without TLS to such domains.
Restart Qmail afterward to make it work:
# service qmail restart