On 19 Jan 2012, at 02:18, Wietse Venema wrote:

> bsd:
>> I wanted to know what are the symptoms of "SSL_accept error" and
>> "lost connection after CONNECT" ??
> 
> The client hangs up when Postfix expects the TLS handshake.
> 
> There are two ways that Postfix provides TLS service. One is STARTTLS
> mode (usually TCP port 587), and the other is TLS wrapper mode
> (usually TCP port 465).
> 
> Does the client connect to port 587 or to port 465? How do you know
> that it connects to this port and not to the other one?

I have two firewalls filtering tcp / udp ports.

From what I can read on netstat there is nothing listening on port 587.
Maybe the client tries to initiate a connection on this port… but this will
surely fail!


newmail ~ --> netstat -an -f inet | grep LISTEN
tcp4       0      0 *.2004                 *.*                    LISTEN
tcp4       0      0 *.2003                 *.*                    LISTEN
tcp4       0      0 *.2002                 *.*                    LISTEN
tcp4       0      0 *.2001                 *.*                    LISTEN
tcp4       0      0 *.1085                 *.*                    LISTEN
tcp4       0      0 *.22                   *.*                    LISTEN
tcp4       0      0 *.80                   *.*                    LISTEN
tcp4       0      0 *.443                  *.*                    LISTEN
tcp4       0      0 127.0.0.1.10025        *.*                    LISTEN
tcp4       0      0 8x.9x.2x6.99.465       *.*                    LISTEN
tcp4       0      0 127.0.0.1.465          *.*                    LISTEN
tcp4       0      0 8x.9x.2x6.99.25        *.*                    LISTEN
tcp4       0      0 127.0.0.1.25           *.*                    LISTEN
tcp4       0      0 *.993                  *.*                    LISTEN
tcp4       0      0 *.143                  *.*                    LISTEN
tcp4       0      0 *.995                  *.*                    LISTEN
tcp4       0      0 *.110                  *.*                    LISTEN
tcp4       0      0 127.0.0.1.10026        *.*                    LISTEN
tcp4       0      0 127.0.0.1.10024        *.*                    LISTEN
tcp4       0      0 *.3306                 *.*                    LISTEN
tcp4       0      0 127.0.0.1.10023        *.*                    LISTEN
tcp4       0      0 *.199                  *.*                    LISTEN
tcp4       0      0 127.0.0.1.705          *.*                    LISTEN
tcp4       0      0 *.10050                *.*                    LISTEN
tcp4       0      0 127.0.0.1.953          *.*                    LISTEN
tcp4       0      0 127.0.0.1.53           *.*                    LISTEN
tcp4       0      0 8x.9x.2x6.99.53        *.*                    LISTEN


Maybe I should use STARTTLS instead of the wrapper mode?

What are the pros and cons of each solution?

Can I provide both with the same auth backend mechanism (I use dovecot)?


> 
>       Wietse


––––––––––––––––––––––––––––––––––––––––––––––
---------> Grégory Bernard Director <---------
---------------> www.osnet.eu <---------------
--> Your provider of OpenSource appliances <--
––––––––––––––––––––––––––––––––––––––––––––––
OSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetOSnetO
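
The two modes described in the quoted reply can be told apart from the client side: a STARTTLS-mode port sends a plaintext 220 banner first, while a wrapper-mode port stays silent until the TLS handshake is done. The probe below is an added example, not part of the original thread and not Postfix code; the function names and the EHLO name probe.example are constructed for illustration.

```python
import socket
import ssl

def read_reply(sock):
    """Read one (possibly multi-line) SMTP reply; the last line is 'NNN text'."""
    data = b""
    while True:
        chunk = sock.recv(1024)
        if not chunk:
            return data
        data += chunk
        lines = data.split(b"\r\n")
        if data.endswith(b"\r\n") and lines[-2][3:4] == b" ":
            return data

def probe_smtp_tls_mode(host, port, timeout=5.0):
    """Return 'starttls', 'plaintext-only', 'wrapper' or 'unknown'."""
    # STARTTLS mode: the server speaks first, in plaintext, with a 220 banner.
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            if s.recv(512).startswith(b"220"):
                s.sendall(b"EHLO probe.example\r\n")  # constructed client name
                offered = b"STARTTLS" in read_reply(s).upper()
                return "starttls" if offered else "plaintext-only"
    except socket.timeout:
        pass  # silence: the server may be waiting for a TLS ClientHello
    except OSError:
        return "unknown"
    # Wrapper mode: TLS handshake first, and only then the 220 banner.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # this probe identifies the mode only;
    ctx.verify_mode = ssl.CERT_NONE  # it does not validate the certificate
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return "wrapper" if tls.recv(512).startswith(b"220") else "unknown"
    except OSError:  # includes ssl.SSLError and handshake timeouts
        return "unknown"
```

Calling probe_smtp_tls_mode(host, 465) and probe_smtp_tls_mode(host, 587) against your own server shows which mode each port actually speaks, which is what a mail client must be configured to match.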
