Re: TLS issue with purchase order emails from ariba.com system.

Wed, 15 Jun 2022 10:40:12 -0700 

On 15/6/2022 3:08 am, Viktor Dukhovni wrote:


Increasing security is primarily about raising the *ceiling*, and rarely
about raising not floor.  When you set the bar too high, instead of
greater security, mail is sent in the clear or not at all.


Got better logs for the ariba.com problem. The logging was set to 2.

Unfortunately I am not experienced enough to find the problem from the logs.

Any suggests?


Please note, I am still finding how to force renew with the letsencrypt 
certs with the new renewal settings.


-------------------- start ------------------------

Jun 15 21:13:15 mail postfix/smtpd[887899]: connect from 
ansmtp.ariba.com[216.109.104.12]
Jun 15 21:13:15 mail postfix/smtpd[887899]: discarding EHLO keywords: 
CHUNKING
Jun 15 21:13:15 mail postfix/smtpd[887899]: setting up TLS connection 
from ansmtp.ariba.com[216.109.104.12]
Jun 15 21:13:15 mail postfix/smtpd[887899]: 
ansmtp.ariba.com[216.109.104.12]: TLS cipher list 
"aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"
Jun 15 21:13:15 mail postfix/smtpd[887899]: SSL_accept:before SSL 
initialization
Jun 15 21:13:15 mail postfix/smtpd[887899]: SSL_accept:before SSL 
initialization
Jun 15 21:13:15 mail postfix/smtpd[887899]: SSL_accept:SSLv3/TLS read 
client hello
Jun 15 21:13:15 mail postfix/smtpd[887899]: SSL_accept:SSLv3/TLS write 
server hello
Jun 15 21:13:15 mail postfix/smtpd[887899]: SSL_accept:SSLv3/TLS write 
certificate
Jun 15 21:13:15 mail postfix/smtpd[887899]: SSL_accept:SSLv3/TLS write 
key exchange
Jun 15 21:13:15 mail postfix/smtpd[887899]: SSL_accept:SSLv3/TLS write 
server done
Jun 15 21:13:16 mail postfix/smtpd[887899]: SSL_accept:error in 
SSLv3/TLS write server done
Jun 15 21:13:16 mail postfix/smtpd[887899]: SSL_accept error from 
ansmtp.ariba.com[216.109.104.12]: Connection reset by peer
Jun 15 21:13:16 mail postfix/smtpd[887899]: lost connection after 
STARTTLS from ansmtp.ariba.com[216.109.104.12]
Jun 15 21:13:16 mail postfix/smtpd[887899]: disconnect from 
ansmtp.ariba.com[216.109.104.12] ehlo=1 starttls=0/1 commands=1/2


---------------------- end ------------------------

P.V.Anthony
























					Reply via email to