Re: [mailop] Strange behaviour with qq.com SMTP server

Thu, 03 Apr 2025 12:37:49 -0700 

On Thu, Apr 03, 2025 at 10:09:19AM +0200, Winni Neessen via mailop wrote:

> I wonder if it's some kind of TLS related sequence that posttls-finger
> understands and simply ignores?
> 
> Anyways, thanks again for double checking.

Don't know what changed, but testing again, I now see the problem junk
response to "QUIT" instead of the previous "221 Bye".  This looks like a
bug.

    posttls-finger: > RSET
    posttls-finger: Write 6 chars: RSET??
    posttls-finger: write to 560F80C53BF0 [560F80C5ECB3] (35 bytes => 35 (0x23))
    posttls-finger: 0000 17 03 03 00 1e 0f 16 14|0f c9 6b 73 04 a8 74 c2  
........ ..ks..t.
    posttls-finger: 0010 25 b1 c9 90 1a c2 52 c0|0a ad 6b ef 15 ee 5e 19  
%.....R. ..k...^.
    posttls-finger: 0020 43 b1 53                                         C.S
    posttls-finger: read from 560F80C53BF0 [560F80C63543] (5 bytes => -1)
    posttls-finger: read from 560F80C53BF0 [560F80C63543] (5 bytes => 5 (0x5))
    posttls-finger: 0000 17 03 03 00 20                                   ....
    posttls-finger: read from 560F80C53BF0 [560F80C63548] (32 bytes => 32 
(0x20))
    posttls-finger: 0000 b6 a4 89 47 28 e8 09 5f|5d 66 a2 a5 d1 f5 4a e6  
...G(.._ ]f....J.
    posttls-finger: 0010 e8 d3 ad b1 c4 60 8f d6|5a f4 5e 1b 5e 95 28 32  
.....`.. Z.^.^.(2
    posttls-finger: Read 8 chars: 250 OK??
    posttls-finger: < 250 OK
    posttls-finger: > QUIT
    posttls-finger: Write 6 chars: QUIT??
    posttls-finger: write to 560F80C53BF0 [560F80C5ECB3] (35 bytes => 35 (0x23))
    posttls-finger: 0000 17 03 03 00 1e 0f 16 14|0f c9 6b 73 05 53 35 dc  
........ ..ks.S5.
    posttls-finger: 0010 4f 5d 07 03 11 f0 e3 70|1c 82 1b 16 34 65 74 07  
O].....p ....4et.
    posttls-finger: 0020 28 cb d9                                         (..
    posttls-finger: read from 560F80C53BF0 [560F80C63543] (5 bytes => -1)
    posttls-finger: read from 560F80C53BF0 [560F80C63543] (5 bytes => 5 (0x5))
    posttls-finger: 0000 17 03 03 00 32                                   ....2
    posttls-finger: read from 560F80C53BF0 [560F80C63548] (50 bytes => 50 
(0x32))
    posttls-finger: 0000 b6 a4 89 47 28 e8 09 60|0b 25 01 a0 09 cc 28 1a  
...G(..` .%....(.
    posttls-finger: 0010 d2 48 94 5d cf 40 17 da|a5 c0 5e dc 73 7c 97 7a  
.H.].@.. ..^.s|.z
    posttls-finger: 0020 db 6f e6 2a bd a8 86 f3|ff 4c 56 c0 cf 56 4f ab  
.o.*.... .LV..VO.
    posttls-finger: 0030 10 00                                            ..
    posttls-finger: Read 26 chars:
    posttls-finger: <

Given it is after "QUIT" there is no impact on email delivery, but it
can certainly make it harder for a scanar to be sure that TLS works
generally correctly.

-- 
    Viktor.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Reply via email to