Ll -- Paul Hoffman <p...@flo.org> On Feb 5, 2014 10:37 PM, "Alan Munday" <postfi...@brightheadtechnology.com> wrote:
> > I found a problem in my logs with respect to receiving email from > outlook.com. When I looked into it I thought it was due to the TLS certs > having expired. I've created new certificates (self-signed) but the problem > is continuing. > > I'm seeing trusted/untrusted/anonymous connections established with other > relays and mail via these connections is processed OK. > > On mx1 with inbound connections from outlook.com I'm seeing anonymous TLS > connections established but always followed by "lost connection after EHLO". > > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: connect from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84] > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: setting up TLS connection from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84] > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: mail-db3lp0084.outbound. > protection.outlook.com[213.199.154.84]: TLS cipher list > "ALL:+RC4:@STRENGTH" > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:before/accept > initialization > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 read client > hello A > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write server > hello A > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write > certificate A > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write server > done A > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 flush data > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 read client key > exchange A > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 read finished A > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write change > cipher spec A > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 write finished A > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: SSL_accept:SSLv3 flush data > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: mail-db3lp0084.outbound. > protection.outlook.com[213.199.154.84]: save session > 951C66833DABEBA07BCBFA9F5DAD5E6281408A0C0596DA29A852F370D81191B7&s=smtpd&l=268435459 > to smtpd cache > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: Anonymous TLS connection > established from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]: > TLSv1 with cipher AES128-SHA (128/128 bits) > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: lost connection after EHLO from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84] > Feb 5 16:01:21 mx1 postfix/smtpd[22789]: disconnect from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84] > > > While on mx3 I'm always seeing SSL_accept error. (master.cf and main.cfare > the same on both mx's.) > > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: connect from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84] > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: setting up TLS connection from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84] > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: mail-db3lp0084.outbound. > protection.outlook.com[213.199.154.84]: TLS cipher list > "ALL:+RC4:@STRENGTH" > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:before/accept > initialization > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 read client > hello A > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 write server > hello A > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 write > certificate A > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 write server > done A > Feb 5 16:00:58 mx3 postfix/smtpd[14898]: SSL_accept:SSLv3 flush data > Feb 5 16:05:58 mx3 postfix/smtpd[14898]: SSL_accept error from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84]: > Connection timed out > Feb 5 16:05:58 mx3 postfix/smtpd[14898]: lost connection after STARTTLS > from mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84] > Feb 5 16:05:58 mx3 postfix/smtpd[14898]: disconnect from > mail-db3lp0084.outbound.protection.outlook.com[213.199.154.84] > > > I've searched the archives and not yet found anything to point me towards > what's going on or if the problem is my end. > > > I thought I'd start by asking if anyone else is seeing/has seen problems > like this? > > > Thanks > > > Alan >
