From owner-freebsd-questions@freebsd.org  Mon Jun 22 06:58:11 2020
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 18079342348
 for <freebsd-questions@mailman.nyi.freebsd.org>;
 Mon, 22 Jun 2020 06:58:11 +0000 (UTC)
 (envelope-from lysfjord.daniel@smokepit.net)
Received: from smtp-out.smokepit.net (smtp-out.smokepit.net [18.200.56.156])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "smtp-out.smokepit.net",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 49r0c212rZz4G29
 for <freebsd-questions@freebsd.org>; Mon, 22 Jun 2020 06:58:09 +0000 (UTC)
 (envelope-from lysfjord.daniel@smokepit.net)
Received: from cm-84.215.33.184.getinternet.no ([84.215.33.184]
 helo=smokepit.net) by smtp-out.smokepit.net with esmtpsa
 (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1)
 (envelope-from <lysfjord.daniel@smokepit.net>) id 1jnGP5-0002hs-0D
 for freebsd-questions@freebsd.org; Mon, 22 Jun 2020 06:58:03 +0000
Received: from yggdrasil.lan.smokepit.net ([10.0.0.200])
 by smokepit.net with esmtpsa (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94 (FreeBSD))
 (envelope-from <lysfjord.daniel@smokepit.net>) id 1jnGP3-000E1v-UW
 for freebsd-questions@freebsd.org; Mon, 22 Jun 2020 08:58:02 +0200
Subject: Re: Exim - retry time not reached for any host
To: freebsd-questions@freebsd.org
References: <2534646.NQNxk83B2J@curlew>
 <40ca3e9d-2859-6428-e7ad-c1b2dff36a69@smokepit.net>
 <1954651.YXp4yczo3S@curlew>
From: Daniel Lysfjord <lysfjord.daniel@smokepit.net>
Message-ID: <2bb9b869-087f-0de7-a092-5753e6528a10@smokepit.net>
Date: Mon, 22 Jun 2020 08:58:01 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.9.0
MIME-Version: 1.0
In-Reply-To: <1954651.YXp4yczo3S@curlew>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Spam-Report: Action: no action Symbol: ARC_NA(0.00)
 Symbol: RCVD_VIA_SMTP_AUTH(0.00) Symbol: BAYES_HAM(-2.83)
 Symbol: FROM_HAS_DN(0.00) Symbol: TO_MATCH_ENVRCPT_ALL(0.00)
 Symbol: MIME_GOOD(-0.10) Symbol: TO_DN_NONE(0.00)
 Symbol: RCPT_COUNT_ONE(0.00) Symbol: RCVD_COUNT_ONE(0.00)
 Symbol: FROM_EQ_ENVFROM(0.00) Symbol: MIME_TRACE(0.00)
 Symbol: RCVD_TLS_ALL(0.00) Symbol: MID_RHS_MATCH_FROM(0.00)
 Message-ID: 2bb9b869-087f-0de7-a092-5753e6528a10@smokepit.net
X-Rspamd-Queue-Id: 49r0c212rZz4G29
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.63 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[smokepit.net:s=loke];
 NEURAL_HAM_MEDIUM(-1.02)[-1.018]; FROM_HAS_DN(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip4:18.200.56.156];
 MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[];
 NEURAL_HAM_LONG(-1.04)[-1.037]; RCPT_COUNT_ONE(0.00)[1];
 RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[smokepit.net:+];
 DMARC_POLICY_ALLOW(-0.50)[smokepit.net,reject];
 NEURAL_HAM_SHORT(-0.57)[-0.571]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:16509, ipnet:18.200.0.0/16, country:US];
 RCVD_TLS_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[];
 RECEIVED_SPAMHAUS_PBL(0.00)[84.215.33.184:received]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jun 2020 06:58:11 -0000

On 21.06.2020 23:33, Mike Clarke wrote:
> On Saturday, 20 June 2020 01:07:04 BST Daniel Lysfjord via freebsd-questions wrote:
>> On 19.06.2020 17:57, Mike Clarke wrote:
>> [..]
>>
>>> So it looks very much like the problem lies somewhere in my system even
>>> though there's been no changes made recently. I'd appreciate suggestions
>>> on how I should go about tracing and fixing the cause of this problem.
>>
>> Have you tried to start exim with "-bd -d+all" to get some debug output?
> 
> 
> OK, I've done that now and it's highlighted what's happening, though I'm not sure if it helps to
> explain why;
> 
> 
> To summarise it looks like the SSL connection fails but eventually succeeds after a number of
> retries although the delay could be an hour or more.
> 
> 
> As a workaround I've reverted exim from 4.94 to 4.93.0.4 which does not appear to suffer from this
> problem.
>[..]

Can't see anything wrong with that part of the config. The exim4 
changelog between 4.93 and 4.94 is quite long, and many things have 
changed. You could try to bisect, of course.

Did 4.94 fail to connect every time, or was it sporadic?

Since the only difference between your tests are the version of exim, I 
can't see any reason to try manually testing open openssl, but you could 
try testing with tcpdump, and see if you see anything different between 
the versions or if there's a difference in failed and successful 
attempts (exim -Rf @domain to force a queue-run, should ignore retry 
delays).

Good luck:)