Hello everyone,
I have problem receiving e-mails via STARTSSL from the hays mailservers. It
bails out with the following error message. My mailserver is infra.glanzmann.de
and I have no trouble receiving or sending e-mail via startssl to a various
mailserver with official or unofficial signed certificates.
Sep 20 13:15:03 infra postfix/smtpd[457]: connect from
mail2.hays.de[93.188.241.74]
Sep 20 13:15:03 infra postfix/smtpd[457]: setting up TLS connection from
mail2.hays.de[93.188.241.74]
Sep 20 13:15:04 infra postfix/smtpd[457]: SSL_accept error from
mail2.hays.de[93.188.241.74]: -1
Sep 20 13:15:04 infra postfix/smtpd[457]: warning: TLS library problem:
457:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:293:
Sep 20 13:15:04 infra postfix/smtpd[457]: lost connection after STARTTLS from
mail2.hays.de[93.188.241.74]
Sep 20 13:15:04 infra postfix/smtpd[457]: disconnect from
mail2.hays.de[93.188.241.74]
Has someone an idea what the problem is here and how I can get a workaround to
not offer startssl to the hays mailservers?
(infra) [~] grep tls /etc/postfix/main.cf
smtpd_tls_key_file = /etc/ssl/private/server.key
smtpd_tls_cert_file = /etc/ssl/private/postfix-chain.pem
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_security_level = may
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_key_file = /etc/ssl/private/server.key
smtp_tls_cert_file = /etc/ssl/private/postfix-chain.pem
smtp_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 1
smtp_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_dh1024_param_file = /etc/postfix/dh_1024.pem
smtpd_tls_dh512_param_file = /etc/postfix/dh_512.pem
smtpd_tls_ask_ccert = yes
Cheers,
Thomas
