In message <20160115235712.gn...@mournblade.imrryr.org> Viktor Dukhovni writes: > > On Fri, Jan 15, 2016 at 06:47:38PM -0500, Curtis Villamizar wrote: > > > Viktor, > > > > If you are still interested below is a tcpdump. > > > > If not interested, please just delete. > > I was looking for a binary PCAP file, not an ASCII decode. Yes, > it would be good to know whether Comcast was having ECDSA issues, > or something else. > > -- > Viktor.
Viktor, It took a while to get a dumpfile. My tcpdump command only covered a subset of comcast.net mailhosts. This has a failed TLS negotiation and a few packets from a next attempt. The log entry below covers this first connection. This fails but fallback to the secondary MX happens and mail gets delivered. Curtis Jan 21 16:42:07 mta3 postfix/smtpd[26462]: connect from resqmta-po-06v.sys.comcast.net[2001:558:fe16:19:96:114:154:165] Jan 21 16:42:07 mta3 postfix/smtpd[26462]: setting up TLS connection from resqmta-po-06v.sys.comcast.net[2001:558:fe16:19:96:114:154:165] Jan 21 16:42:07 mta3 postfix/smtpd[26462]: resqmta-po-06v.sys.comcast.net[2001:558:fe16:19:96:114:154:165]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH:!aNULL:!MD5:!DES:!aNULL" Jan 21 16:42:07 mta3 postfix/smtpd[26462]: SSL_accept:before/accept initialization Jan 21 16:42:07 mta3 postfix/smtpd[26462]: SSL3 alert write:fatal:handshake failure Jan 21 16:42:07 mta3 postfix/smtpd[26462]: SSL_accept:error in error Jan 21 16:42:07 mta3 postfix/smtpd[26462]: SSL_accept:error in error Jan 21 16:42:07 mta3 postfix/smtpd[26462]: SSL_accept error from resqmta-po-06v.sys.comcast.net[2001:558:fe16:19:96:114:154:165]: -1 Jan 21 16:42:07 mta3 postfix/smtpd[26462]: warning: TLS library problem: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:s3_srvr.c:1411: Jan 21 16:42:07 mta3 postfix/smtpd[26462]: lost connection after STARTTLS from resqmta-po-06v.sys.comcast.net[2001:558:fe16:19:96:114:154:165] Jan 21 16:42:07 mta3 postfix/smtpd[26462]: disconnect from resqmta-po-06v.sys.comcast.net[2001:558:fe16:19:96:114:154:165] ehlo=1 starttls=0/1 commands=1/2 Jan 21 16:42:08 mta3 postfix/smtpd[26462]: connect from resqmta-po-06v.sys.comcast.net[96.114.154.165] Jan 21 16:42:08 mta3 postfix/smtpd[26462]: setting up TLS connection from resqmta-po-06v.sys.comcast.net[96.114.154.165] Jan 21 16:42:08 mta3 postfix/smtpd[26462]: resqmta-po-06v.sys.comcast.net[96.114.154.165]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH:!aNULL:!MD5:!DES:!aNULL" Jan 21 16:42:08 mta3 postfix/smtpd[26462]: SSL_accept:before/accept initialization Jan 21 16:42:08 mta3 postfix/smtpd[26462]: SSL3 alert write:fatal:handshake failure Jan 21 16:42:08 mta3 postfix/smtpd[26462]: SSL_accept:error in error Jan 21 16:42:08 mta3 postfix/smtpd[26462]: SSL_accept:error in error Jan 21 16:42:08 mta3 postfix/smtpd[26462]: SSL_accept error from resqmta-po-06v.sys.comcast.net[96.114.154.165]: -1 Jan 21 16:42:08 mta3 postfix/smtpd[26462]: warning: TLS library problem: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:s3_srvr.c:1411: Jan 21 16:42:08 mta3 postfix/smtpd[26462]: lost connection after STARTTLS from resqmta-po-06v.sys.comcast.net[96.114.154.165]
binrbAi2QYSBf.bin
Description: application/binary
