On Tue, Nov 26, 2013 at 11:05:48PM +0000, Viktor Dukhovni wrote:
> > This means that the TLS library had a problem.
>
> Plus the server is an Microsoft Exchange server, and the problem
> happens on the first command after the post STARTLS EHLO.
One last comment, the mail server in question does run on Windows,
but it is not Microsoft Exchange, rather it is:
220 mail.sagebiz.com MailSite ESMTP Receiver Version 9.5.4.12 Ready
The underlying issue with CBC padding is therefore not Exchange-specific,
it is either in Windows 2003 SSPI, or in some library on top of
SSPI shared by MailSite and Exchange.
With RC4-SHA and RC4-MD5 the ciphertext length exceeds the plaintext
length by a fixed number of bytes. With DES-CBC3-SHA the ciphertext
length exceeds the plaintext length by a variable number of bytes,
but both Exchange and MailSite send the packets whose length is
plaintext + maximum possible overhead, thus emitting random trailing
data from the stack or heap after the first application data record.
The servers in question should be removed from active Internet-facing
duty. Their software stack is too ancient.
--
Viktor.
