On Sat, Apr 12, 2014 at 07:39:22PM -0400, Rick Zeman wrote:
> Apr 11 22:10:15 miniserv.private postfix/smtpd[90054]: SSL_accept
> error from unknown[93.157.46.40]: 0
> Apr 11 22:10:15 miniserv.private postfix/smtpd[90054]: warning: TLS
> library problem: 90054:error:14094416:SSL
> routines:SSL3_READ_BYTES:sslv3 alert certificate
> unknown:/SourceCache/OpenSSL098/OpenSSL098-50/src/ssl/s3_pkt.c:1106:SSL
> alert number 46:
> Apr 11 22:10:15 miniserv.private postfix/smtpd[90054]: lost connection
> after STARTTLS from unknown[93.157.46.40]
> Apr 11 22:10:15 miniserv.private postfix/smtpd[90054]: disconnect from
> unknown[93.157.46.40]
There is no evidence here for or against a heartbleed attack, all
I see is that the SMTP client is silly enough to perform certificate
validation, and fail when the certificate does not match.
--
Viktor.
