Handwerker, Jan (IMK) [20.04.2015 14:45]:
Hallo Yamaban,
vielen Dank, aber ich befürchte, Deine Lösung geht an meinem Problem vorbei. haveged ist installiert, aber niemand nuckelt an /dev/random (lsof | grep random bleibt leer).
# postconf | grep random lmtp_randomize_addresses = yes smtp_randomize_addresses = yes tls_daemon_random_bytes = 32 tls_random_bytes = 32 tls_random_exchange_name = ${data_directory}/prng_exch tls_random_prng_update_period = 3600s tls_random_reseed_period = 3600s tls_random_source = dev:/dev/urandom Kein Wunder, dass niemand an /dev/random lauscht, es wird ja /dev/urandom benutzt :P Wie lauten denn Deine smtp_tls_*-Parameter? Auszugsweise mal hier: # postconf | grep smtp_tls_ smtp_tls_CApath = /etc/postfix/ssl/certs smtp_tls_cert_file = /etc/postfix/ssl/smtp.cert smtp_tls_ciphers = export smtp_tls_dcert_file = smtp_tls_dkey_file = $smtp_tls_dcert_file smtp_tls_eccert_file = smtp_tls_eckey_file = $smtp_tls_eccert_file smtp_tls_exclude_ciphers = smtp_tls_fingerprint_cert_match = smtp_tls_fingerprint_digest = md5 smtp_tls_force_insecure_host_tlsa_lookup = no smtp_tls_key_file = /etc/postfix/ssl/smtp.key smtp_tls_loglevel = 1 smtp_tls_mandatory_ciphers = medium smtp_tls_mandatory_exclude_ciphers = smtp_tls_mandatory_protocols = !SSLv2 smtp_tls_note_starttls_offer = yes smtp_tls_per_site = smtp_tls_policy_maps = smtp_tls_protocols = !SSLv2 smtp_tls_scert_verifydepth = 9 smtp_tls_security_level = smtp_tls_session_cache_timeout = 3600s Die smtpd_tls_*-Parameter sind für Mails, die eingeliefert werden, nicht für den Versand. Gruß Werner --