On Sun, Mar 14, 2010 at 04:34:41PM +0100, Richard van den Berg wrote: > Mar 14 08:47:04 majoron postfix/smtpd[31776]: SSL_accept:error in SSLv3 > read client certificate A
Various SMTP clients are known to mis-handle requests for client certificates. You have not posted your "postconf -n" output as instructed in the list welcome message and http://www.postfix.org/DEBUG_README.html#mail. This said, it is clear that you have set "smtpd_tls_ask_ccert = yes". This setting is not recommended for port 25 on MX hosts. http://www.postfix.org/TLS_README.html#server_vrfy_client > Mar 14 08:47:04 majoron postfix/smtpd[31776]: SSL_accept error from > 82-171-xxx-yyy.ip.telfort.nl[82.171.xxx.yyy]: -1 > Mar 14 08:47:04 majoron postfix/smtpd[31776]: warning: TLS library problem: > 31776:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown > message digest algorithm:a_verify.c:146: This client has problems when client certs are requested. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
