Wietse Venema <wie...@porcupine.org>:
> Ole Laursen:
> > telnet aspmx.l.google.com 25
> > Trying 74.125.205.26...
> > Connected to aspmx.l.google.com.
> > Escape character is '^]'.
> > 220
> > ******************************************************************************
>
> Should have looked like:
>
> Connected to 74.125.205.26.
> Escape character is '^]'.
> 220 mx.google.com ESMTP
> c10-20020a2ea78a000000b0024f3b903d0asi6691935ljf.119 - gsmtp
>
> You are talking to a box-in-the-middle. Good luck doing TLS with that.
That's interesting. Thank you. It did not occur to me that the
firewall causing trouble could be in the sending end.
EHLO works, and when I remove disable_esmtp from the PIX workarounds,
send a message and inspect the email headers in gmail.com, one of
Google's servers says it has received it through TLS
Received: from YYYYYYYY (YYYYYYYY. [XXX.XXX.XXX.XXX])
by mx.google.com with ESMTPS id
m18-20020a2e5812000000b0024daf53cbf9si12927809ljb.114.2022.05.02.02.13.25
for <o...@iola.dk>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
which it didn't before. So I guess STARTTLS also works.
The ********* block is just weird. I'll have to talk to our hosting provider.
Ole
