Hello Victor. I tried before post here with "-ssl2" on the command line, got bad result too:(
./101-mail-smtp-test-starttls-p25-login.sh CIPHER..: RC2-CBC-MD5 TEST FAILED command: openssl s_client -cipher RC2-CBC-MD5 -ssl2 -starttls smtp -crlf -connect localhost:25 2>&1 3263:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188: CONNECTED(00000003) Josep El mié, 23-12-2009 a las 07:47 -0500, Victor Duchovni escribió: > On Wed, Dec 23, 2009 at 10:53:41AM +0100, Josep M. wrote: > > > I have designed my own scripts for curiosity, for test saslauthd and > > Postfix AUTH plain and login in both ports, and also test the ciphers in > > Postfix. > > Your curiousity exceeds your skill to interpret the results. > > > Always fail, in both ports 25 and 587: > > > > DES-CBC3-MD5 SSLv2 Kx=RSA Au=RSA Enc=3DES(168) Mac=MD5 > > RC2-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC2(128) Mac=MD5 > > DES-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=DES(56) Mac=MD5 > You forgot to specify "-ssl2" on the command-line, and got a v3 handshake > with a v2-only cipher-list. This does not happen in practice. >