exim4

OpenVPN systemd CapabilityBoundingSet breaking notifications with exim4

At work we employ a openvpn server when working remotely and wanting to access firewall restricted locations. At some point a colleague of mine started facing disconnects to the server. We tracked down the issue being the feature of protecting against SWEET32 attacks, introduced in openvpn client version 2.4. We thus decided to upgrade our openvpn server too and bring version 2.4 from jessie-backports. When a client successfully connects to the VPN server a script is executed and sends email notifications to the LDAP user’s email about the VPN session details, such as the remote IP address used:
Read more