Hi!
After upgrading to postfix 3.1 (from 2.9), one of our clients said, it
cannot send mail anymore(he has OE6 on XP and said it's planned to
upgrade, but not now).
What we got in log's:
postfix/smtpd[16747]: connect from CLIENTIP
postfix/smtpd[16747]: setting up TLS connection from CLIENTIP
postfix/smtpd[16747]: CLIENTIP: TLS cipher list
"aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"
postfix/smtpd[16747]: SSL_accept:before SSL initialization
postfix/smtpd[16747]: SSL_accept:before SSL initialization
postfix/smtpd[16747]: SSL3 alert write:fatal:handshake failure
postfix/smtpd[16747]: SSL_accept:error in error
postfix/smtpd[16747]: SSL_accept error from CLIENTIP: -1
postfix/smtpd[16747]: warning: TLS library problem: error:1417A0C1:SSL
routines:tls_post_process_client_hello:no shared
cipher:../ssl/statem/statem_srvr.c:1422:
postfix/smtpd[16747]: lost connection after STARTTLS from CLIENTIP
postfix/smtpd[16747]: disconnect from CLIENTIP ehlo=1 starttls=0/1
commands=1/2
postfix/smtpd[16801]: connect from CLIENTIP
postfix/smtpd[16801]: lost connection after MAIL from CLIENTIP
postfix/smtpd[16801]: disconnect from CLIENTIP ehlo=1 mail=1 commands=2
Regards to ciphers configuration - everything is left default:
# postconf -n | grep cipher
#
We also noticed that tls_medium_cipherlist has changed, is it cause of
this problem (real cause is old software though)?
--
KSB
