I found a problem in my logs with respect to receiving email from
outlook.com. When I looked into it I thought it was due to the TLS certs
having expired. I've created new certificates (self-signed) but the
problem is continuing.
I'm seeing trusted/untrusted/anonymous connections established with
other relays and mail via these connections is processed OK.
On mx1 with inbound connections from outlook.com I'm seeing anonymous
TLS connections established but always followed by "lost connection
after EHLO".
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: connect from
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: setting up TLS connection from
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]
Feb 5 16:01:21 mx1 postfix/smtpd[22789]:
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]: TLS
cipher list "ALL:+RC4:@STRENGTH"
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:before/accept
initialization
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 read client
hello A
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write server
hello A
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write
certificate A
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write server
done A
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 flush data
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 read client
key exchange A
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 read finished A
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write change
cipher spec A
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write finished A
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 flush data
Feb 5 16:01:21 mx1 postfix/smtpd[22789]:
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]: save
session
951C66833DABEBA07BCBFA9F5DAD5E6281408A0C0596DA29A852F370D81191B7&s=smtpd&l=268435459
to smtpd cache
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: Anonymous TLS connection
established from
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]: TLSv1
with cipher AES128-SHA (128/128 bits)
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: lost connection after EHLO
from mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]
Feb 5 16:01:21 mx1 postfix/smtpd[22789]: disconnect from
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]
While on mx3 I'm always seeing SSL_accept error. (master.cf and main.cf
are the same on both mx's.)
Feb 5 16:00:58 mx3 postfix/smtpd[14898]: connect from
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]
Feb 5 16:00:58 mx3 postfix/smtpd[14898]: setting up TLS connection from
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]
Feb 5 16:00:58 mx3 postfix/smtpd[14898]:
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]: TLS
cipher list "ALL:+RC4:@STRENGTH"
Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:before/accept
initialization
Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 read client
hello A
Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 write server
hello A
Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 write
certificate A
Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 write server
done A
Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 flush data
Feb 5 16:05:58 mx3 postfix/smtpd[14898]: SSL_accept error from
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]:
Connection timed out
Feb 5 16:05:58 mx3 postfix/smtpd[14898]: lost connection after STARTTLS
from mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]
Feb 5 16:05:58 mx3 postfix/smtpd[14898]: disconnect from
mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]
I've searched the archives and not yet found anything to point me
towards what's going on or if the problem is my end.
I thought I'd start by asking if anyone else is seeing/has seen problems
like this?
Thanks
Alan
