On Wed, Mar 27, 2024 at 03:28:38PM +0200, Levente Birta via Postfix-users wrote:
> Please help me out with the following error. It's a not very old DVR
> equipment sending notification emails on submission with TLS.
>
> Before (with Centos 7 and postfix 3.6) was working, but now, with rocky 8
> and postfix 3.10-20240310.

Please post a "tshark" decode of the SSL handshake, as explained in:

    https://marc.info/?l=postfix-users&m=166005488423800&w=2

> postfix/submission/smtpd[1341984]: read from 55BE67365B00 [55BE67426AB3] (5
> bytes => 5 (0x5))
> postfix/submission/smtpd[1341984]: 0000 16 03 01 00
> 96 .....
> postfix/submission/smtpd[1341984]: read from 55BE67365B00 [55BE67426AB8]
> (150 bytes => 150 (0x96))
> postfix/submission/smtpd[1341984]: 0000 01 00 00 92 03 03 dc 27|9c 04 2a 57
> 91 c4 fd 9f .......' ..*W....
> [...]

Reading the hex dump is not fun, the tshark output is much easier to work
with.

> postfix/submission/smtpd[1341984]: warning: TLS library problem:
> error:14209175:SSL routines:tls_early_post_process_client_hello:
> inappropriate fallback:ssl/statem/statem_srvr.c:1767:

[ Seems you're using OpenSSL 1.1.1, which emits slightly more detailed
  error strings than OpenSSL 3.x, where the function name is not
  included. ]

It looks like the client's cipherlist indicated (SCSV codepoint) that it
performed a fallback (from TLS 1.3 to TLS 1.2 perhaps):

    https://datatracker.ietf.org/doc/html/rfc7507#section-7

and since OpenSSL supports TLS 1.3, the fallback was rejected as a
downgrade attack:

ssl/statem/statem_srvr.c-        } else if (SSL_CIPHER_get_id(c) == SSL3_CK_FALLBACK_SCSV &&
ssl/statem/statem_srvr.c-                   !ssl_check_version_downgrade(s)) {
ssl/statem/statem_srvr.c-            /*
ssl/statem/statem_srvr.c-             * This SCSV indicates that the client previously tried
ssl/statem/statem_srvr.c-             * a higher version.  We should fail if the current version
ssl/statem/statem_srvr.c-             * is an unexpected downgrade, as that indicates that the first
ssl/statem/statem_srvr.c-             * connection may have been tampered with in order to trigger
ssl/statem/statem_srvr.c-             * an insecure downgrade.
ssl/statem/statem_srvr.c-             */
ssl/statem/statem_srvr.c-            SSLfatal(s, SSL_AD_INAPPROPRIATE_FALLBACK,
ssl/statem/statem_srvr.c:                     SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
ssl/statem/statem_srvr.c-                     SSL_R_INAPPROPRIATE_FALLBACK);
ssl/statem/statem_srvr.c-            goto err;
ssl/statem/statem_srvr.c-        }

Perhaps there was an earlier TLS handshake attempt that failed for a
different reason (untrusted certificate? Something else).  Try to
capture a "fresh" (first attempt) TLS delivery, rather than a fallback,
if the client is indeed performing a fallback.

-- 
    Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
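The check Viktor points at in OpenSSL (TLS_FALLBACK_SCSV present in the ClientHello cipher list while the server supports a version higher than the one the client offered) is easy to reproduce outside the library. The following is an added example, not code from this thread, from Postfix or from OpenSSL: it builds a few constructed ClientHello records (the DVR's actual 150-byte hello is truncated in the log and is not reproduced), parses them, and applies the server rule from RFC 7507 section 3. The TLS 1.3 case follows RFC 8446, where the supported_versions extension, when present, carries the client's real offered versions and client_version is frozen at 0x0303; treating the highest listed version as the "offered" version is this example's reading of those two RFCs, not a transcript of OpenSSL's ssl_check_version_downgrade().

```python
"""RFC 7507 TLS_FALLBACK_SCSV server-side check over constructed ClientHellos.

Added example for the postfix-users thread above; not Postfix or OpenSSL code.
All ClientHello bytes here are built by build_client_hello() for the demo.
"""
import struct

TLS_FALLBACK_SCSV = 0x5600        # RFC 7507 cipher suite value {0x56, 0x00}
EXT_SUPPORTED_VERSIONS = 43       # RFC 8446 extension listing offered versions
TLS1_2, TLS1_3 = 0x0303, 0x0304


def build_client_hello(client_version, cipher_suites, supported_versions=None,
                       record_version=0x0301):
    """Construct a minimal TLS record carrying a ClientHello (test input only).

    The default record_version 0x0301 mirrors the '16 03 01' record header
    seen in the quoted smtpd log; the rest of the contents are made up.
    """
    random = bytes(32)                          # all-zero random: fine for parsing
    cs = b"".join(struct.pack(">H", c) for c in cipher_suites)
    exts = b""
    if supported_versions is not None:
        vers = b"".join(struct.pack(">H", v) for v in supported_versions)
        data = bytes([len(vers)]) + vers        # 1-byte length prefix per RFC 8446
        exts += struct.pack(">HH", EXT_SUPPORTED_VERSIONS, len(data)) + data
    body = (struct.pack(">H", client_version) + random
            + b"\x00"                           # empty session id
            + struct.pack(">H", len(cs)) + cs
            + b"\x01\x00"                       # compression methods: null only
            + struct.pack(">H", len(exts)) + exts)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return b"\x16" + struct.pack(">HH", record_version, len(handshake)) + handshake


def parse_client_hello(record):
    """Parse a handshake record holding one ClientHello; return the fields we need."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    record_version, rec_len = struct.unpack(">HH", record[1:5])
    body = record[5:5 + rec_len]
    if len(body) < 4 or body[0] != 0x01:
        raise ValueError("record does not carry a ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated ClientHello")
    pos = 0
    client_version = struct.unpack(">H", hello[pos:pos + 2])[0]
    pos += 2 + 32                               # skip legacy_version and random
    pos += 1 + hello[pos]                       # skip session id
    cs_len = struct.unpack(">H", hello[pos:pos + 2])[0]
    pos += 2
    cipher_suites = [struct.unpack(">H", hello[pos + i:pos + i + 2])[0]
                     for i in range(0, cs_len, 2)]
    pos += cs_len
    pos += 1 + hello[pos]                       # skip compression methods
    supported_versions = None
    if pos + 2 <= len(hello):                   # extensions block is optional
        ext_len = struct.unpack(">H", hello[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            ext_type, data_len = struct.unpack(">HH", hello[pos:pos + 4])
            pos += 4
            data = hello[pos:pos + data_len]
            pos += data_len
            if ext_type == EXT_SUPPORTED_VERSIONS:
                n = data[0]
                # keep only real 0x03xx versions; GREASE values such as 0x0a0a are ignored
                supported_versions = [v for v in
                                      (struct.unpack(">H", data[1 + i:3 + i])[0]
                                       for i in range(0, n, 2)) if v >> 8 == 3]
    return {"record_version": record_version, "client_version": client_version,
            "cipher_suites": cipher_suites, "supported_versions": supported_versions}


def check_fallback(hello, server_max_version):
    """Apply RFC 7507 section 3: 'no_scsv', 'ok', or 'inappropriate_fallback'."""
    if TLS_FALLBACK_SCSV not in hello["cipher_suites"]:
        return "no_scsv"
    offered = hello["supported_versions"]
    highest_offered = max(offered) if offered else hello["client_version"]
    if server_max_version > highest_offered:
        return "inappropriate_fallback"       # what OpenSSL reports as SSL_R_INAPPROPRIATE_FALLBACK
    return "ok"


if __name__ == "__main__":
    # Constructed cases: a TLS 1.2-only hello that signals a fallback, against
    # a TLS 1.3-capable server (the thread's situation) and a TLS 1.2 server.
    fallback_hello = parse_client_hello(build_client_hello(TLS1_2, [0xC02F, TLS_FALLBACK_SCSV]))
    print("TLS1.2 hello + SCSV vs TLS1.3 server:", check_fallback(fallback_hello, TLS1_3))
    print("TLS1.2 hello + SCSV vs TLS1.2 server:", check_fallback(fallback_hello, TLS1_2))
    tls13_hello = parse_client_hello(build_client_hello(
        TLS1_2, [0x1301, 0xC02F, TLS_FALLBACK_SCSV], supported_versions=[TLS1_3, TLS1_2]))
    print("TLS1.3 hello + SCSV vs TLS1.3 server:", check_fallback(tls13_hello, TLS1_3))
```

Run against a real capture, the same parser can be fed the raw bytes that a tshark decode (or the smtpd hex dump, once reassembled) shows for the first record; a "fresh" first-attempt hello, as Viktor asks for, should come back "no_scsv", while a retry after a failed higher-version attempt will carry 0x5600 in its cipher list and is what the server is obliged to reject.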