A. Schulze:
Viktor Dukhovni:
diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c
diff --git a/src/tlsproxy/tlsproxy.c b/src/tlsproxy/tlsproxy.c
there is an other side effect:
I configured
smtpd_tls_cert_file = /etc/ssl/${myhostname}/cert+intermediate.pem
smtpd_tls_key_file = /etc/ssl/${myhostname}/key.pem
smtp_tls_cert_file = /etc/ssl/${myhostname}/cert+intermediate.pem
smtp_tls_key_file = /etc/ssl/${myhostname}/key.pem
now, on my lab maschine, a little bit complicated via
sender_dependent_relayhost_maps
@example.org [mail.example.org]:465
and to enforce the (local required) smtp_wrapper_mode
sender_dependent_default_transport_maps
@example.org submissions:
"submissions" is defined in master.cf:
submissions unix - - y - - smtp
-o smtp_tls_security_level=encrypt
-o smtp_tls_wrappermode=yes
-o syslog_name=postfix/${service_name}
now, "sendmail -f sen...@example.org -bc recipi...@example.org" throw
this error:
Feb 19 14:24:09 spider postfix/pickup[3865]: 443hK512TRzMvsx7:
uid=1000 from=<sen...@example.org>
Feb 19 14:24:09 spider postfix/cleanup[3869]: 443hK512TRzMvsx7:
message-id=<443hK512TRzMvsx7@$myhostname>
Feb 19 14:24:09 spider postfix/qmgr[3866]: 443hK512TRzMvsx7:
from=<sender@example>, size=302, nrcpt=1 (queue active)
Feb 19 14:24:09 spider postfix/tlsproxy[3873]: CONNECT to [192.0.2.25]:465
Feb 19 14:24:09 spider postfix/submissions/smtp[3895]: panic:
VSTREAM_CTL_SWAP_FD can't swap descriptors between single-buffered and
double-buffered streams
Feb 19 14:24:09 spider postfix/tlsproxy[3873]: Trusted TLS connection
established to mail.example.org[192.0.2.25]:465: TLSv1.3 with cipher
TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384)
server-signature RSA-PSS (4096 bits) server-digest SHA256
Feb 19 14:24:10 spider postfix/qmgr[3866]: warning:
private/submissions socket: malformed response
Feb 19 14:24:10 spider postfix/qmgr[3866]: warning: transport
submissions failure -- see a previous warning/fatal/panic logfile
record for the problem description
Feb 19 14:24:10 spider postfix/master[2282]: warning: process
/usr/lib/postfix/smtp pid 3895 killed by signal 6
Feb 19 14:24:10 spider postfix/master[2282]: warning:
/usr/lib/postfix/smtp: bad command startup -- throttling
Feb 19 14:24:10 spider postfix/tlsproxy[3873]: DISCONNECT [192.0.2.25]:465
Feb 19 14:24:10 spider postfix/error[3875]: 443hK512TRzMvsx7:
to=<recipi...@example.org>, relay=none, delay=1, delays=0.02/1/0/0.01,
dsn=4.3.0, status=undeliverable (unknown mail transport error)
( last line isn't the surprise ... )
I guess it's related to my previous posting.
Andreas
