Ole Laursen:
> telnet aspmx.l.google.com 25
> Trying 74.125.205.26...
> Connected to aspmx.l.google.com.
> Escape character is '^]'.
> 220
> ******************************************************************************
Wietse Venema <wie...@porcupine.org>:
Should have looked like:
Connected to 74.125.205.26.
Escape character is '^]'.
220 mx.google.com ESMTP
c10-20020a2ea78a000000b0024f3b903d0asi6691935ljf.119 - gsmtp
You are talking to a box-in-the-middle. Good luck doing TLS with that.
On 02.05.22 13:59, Ole Laursen wrote:
That's interesting. Thank you. It did not occur to me that the
firewall causing trouble could be in the sending end.
EHLO works, and when I remove disable_esmtp from the PIX workarounds,
send a message and inspect the email headers in gmail.com, one of
Google's servers says it has received it through TLS
Received: from YYYYYYYY (YYYYYYYY. [XXX.XXX.XXX.XXX])
by mx.google.com with ESMTPS id
m18-20020a2e5812000000b0024daf53cbf9si12927809ljb.114.2022.05.02.02.13.25
for <o...@iola.dk>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
which it didn't before. So I guess STARTTLS also works.
The ********* block is just weird. I'll have to talk to our hosting provider.
that is what PIX and smtp "fixups" do/did. There's more - try sending
"ehlo YYYYYYYY" if it looks like this:
220 *************************
ehlo fantomas.fantomas.sk
250-mail.example.com
250-AUTH CRAM-MD5 PLAIN LOGIN DIGEST-MD5
250-XXXXXXXA
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-PIPELINING
250-ETRN
250-DSN
250 XXXB
the second line may originally be "STARTTLS"
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Quantum mechanics: The dreams stuff is made of.
