i am seeing occasional
2024-11-18T00:03:11.981217+00:00 m0 postfix/smtpd[1756]: connect from
mail.edusemx.com[66.85.163.236]
2024-11-18T00:03:12.077728+00:00 m0 postfix/smtpd[1756]: SSL_accept error
from mail.edusemx.com[66.85.163.236]: -1
2024-11-18T00:03:12.077805+00:00 m0 postfix/smtpd[1756]: warning: TLS
library problem: error:0A000102:SSL routines::unsupported
protocol:../ssl/statem/statem_srvr.c:1657:
2024-11-18T00:03:12.078082+00:00 m0 postfix/smtpd[1756]: lost connection
after STARTTLS from mail.edusemx.com[66.85.163.236]
2024-11-18T00:03:12.078311+00:00 m0 postfix/smtpd[1756]: disconnect from
mail.edusemx.com[66.85.163.236] ehlo=1 starttls=0/1 commands=1/2
the net of a million lies says that the remote client does not like my
certificate. i think i am using let's encrypt
# grep tls /etc/postfix/main.cf
#smtpd_tls_loglevel = 2
smtpd_tls_cert_file=/etc/letsencrypt/live/m0.rg.net/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/m0.rg.net/privkey.pem
smtpd_tls_security_level = may
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level = may
smtp_tls_security_level = may
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = TLSv1.3, TLSv1.2, !SSLv2, !SSLv3, !TLSv1
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_session_cache_database =
https://ssl-tools.net/mailservers/m0.rg.net likes the server
maybe i am being too rude with `!SSLv2, !SSLv3, !TLSv1`?
tcpdump shows STARTTLS attempt then RST
clue bat appreciated
randy
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
