On Jul 9, 2013, at 16:10, Stefan Jakobs <ste...@localside.net> wrote:
> Postfix logs the following in my logs: > > postfix/smtp[8106]: setting up TLS connection to > server.example.com[a.b.c.d]:25 > postfix/smtp[8106]: SSL_connect error to server.example.com[a.b.c.d]:25: -1 > postfix/smtp[8106]: warning: TLS library problem: 8106:error:1408E0F4:SSL > routines:SSL3_GET_MESSAGE:unexpected message:s3_both.c:463: > > But there are also logs which say that it works: > > postfix/smtp[4527]: setting up TLS connection to > server.example.com[a.b.c.d]:25 > postfix/smtp[4527]: Untrusted TLS connection established to > server.example.com[a.b.c.d]:25: TLSv1 with cipher ADH-CAMELLIA256-SHA > (256/256 > bits) > postfix/smtp[4527]: 874F037EA0: to=<u...@server.example.com>, > relay=server.example.com[a.b.c.d]:25, delay=0.17, delays=0.04/0/0.08/0.06, > dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as A56C5A458F) > postfix/qmgr[31620]: 874F037EA0: removed > > I'm wondering what's wrong. And what does this error mean: > SSL3_GET_MESSAGE:unexpected message? As far as I understand it it means that the negotiation of the SSL cipher did not succeed, because the answer that came back from the remote server was not understood by yours. We had a similar problem earlier this week, which seemed to be caused by the lack of support for modern ciphers in Windows 2003. I'd suggest you have a good look at your configuration; Postfix 2.5.13 is no longer supported, for example. Perhaps Postfix (and your OpenSSL library) are in need of an update? Mvg, Jona
