[pfx] Accepting mail from old Dell iDRAC

Charles Sprickman via Postfix-users Tue, 01 Aug 2023 22:28:29 -0700

Hi all,

I'm having a heck of a time figuring out how to see just what this Dell is 
offering when speaking to Postfix...


It's an "iDRAC7", which is just a little management card. I want it to be able 
to send some email alerts, but I keep getting warnings about a cipher mismatch. 
With some debugging I think there's some hints here, but OpenSSL seems to not 
really provide much info on the "cipher mismatch" (including perhaps, what 
cipher the remote end is using).

TLS stuff is mostly defaults:

[root@mail /usr/local/etc/postfix]# postconf -n |grep smtpd_tls
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /usr/local/etc/dehydrated/certs/foo/fullchain.pem
smtpd_tls_key_file = /usr/local/etc/dehydrated/certs/foo/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may

Log showing the attempt:

Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-mail.ANON.com
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-PIPELINING
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-SIZE 80480000
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-VRFY
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-ETRN
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-STARTTLS
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-AUTH PLAIN LOGIN
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-ENHANCEDSTATUSCODES
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-8BITMIME
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-DSN
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250-SMTPUTF8
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 250 CHUNKING
Aug  2 01:18:56 mail postfix/smtpd[28114]: smtp_stream_setup: maxtime=300 
enable_deadline=0 min_data_rate=0
Aug  2 01:18:56 mail postfix/smtpd[28114]: < 
pool-ANON.fios.verizon.net[10.10.10.2]: STARTTLS
Aug  2 01:18:56 mail postfix/smtpd[28114]: > 
pool-ANON.fios.verizon.net[10.10.10.2]: 220 2.0.0 Ready to start TLS
Aug  2 01:18:56 mail postfix/smtpd[28114]: send attr request = seed
Aug  2 01:18:56 mail postfix/smtpd[28114]: send attr size = 32
Aug  2 01:18:56 mail postfix/smtpd[28114]: private/tlsmgr: wanted attribute: 
status
Aug  2 01:18:56 mail postfix/smtpd[28114]: input attribute name: status
Aug  2 01:18:56 mail postfix/smtpd[28114]: input attribute value: 0
Aug  2 01:18:56 mail postfix/smtpd[28114]: private/tlsmgr: wanted attribute: 
seed
Aug  2 01:18:56 mail postfix/smtpd[28114]: input attribute name: seed
Aug  2 01:18:56 mail postfix/smtpd[28114]: input attribute value: 
la0eHtZ9aplJpX+t8cRd1qASHgFcwSjHmuVUb7Wys7Q=
Aug  2 01:18:56 mail postfix/smtpd[28114]: private/tlsmgr: wanted attribute: 
(list terminator)
Aug  2 01:18:56 mail postfix/smtpd[28114]: input attribute name: (end)
Aug  2 01:18:56 mail postfix/smtpd[28114]: SSL_accept error from 
pool-ANON.fios.verizon.net[10.10.10.2]: -1
Aug  2 01:18:56 mail postfix/smtpd[28114]: warning: TLS library problem: 
error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared 
cipher:/usr/src/crypto/openssl/ssl/statem/statem_srvr.c:2285:
Aug  2 01:18:56 mail postfix/smtpd[28114]: smtp_stream_setup: maxtime=300 
enable_deadline=0 min_data_rate=0
Aug  2 01:18:56 mail postfix/smtpd[28114]: match_hostname: 
smtpd_client_event_limit_exceptions: pool-ANON.fios.verizon.net ~? 127.0.0.0/8
Aug  2 01:18:56 mail postfix/smtpd[28114]: match_hostaddr: 
smtpd_client_event_limit_exceptions: 10.10.10.2 ~? 127.0.0.0/8
Aug  2 01:18:56 mail postfix/smtpd[28114]: match_hostname: 
smtpd_client_event_limit_exceptions: pool-ANON.fios.verizon.net ~? 
207.99.53.208/28
Aug  2 01:18:56 mail postfix/smtpd[28114]: match_hostaddr: 
smtpd_client_event_limit_exceptions: 10.10.10.2 ~? 207.99.53.208/28
Aug  2 01:18:56 mail postfix/smtpd[28114]: match_list_match: 
pool-ANON.fios.verizon.net: no match
Aug  2 01:18:56 mail postfix/smtpd[28114]: match_list_match: 10.10.10.2: no 
match
Aug  2 01:18:56 mail postfix/smtpd[28114]: send attr request = disconnect
Aug  2 01:18:56 mail postfix/smtpd[28114]: send attr ident = 587:10.10.10.2
Aug  2 01:18:56 mail postfix/smtpd[28114]: private/anvil: wanted attribute: 
status
Aug  2 01:18:56 mail postfix/smtpd[28114]: input attribute name: status
Aug  2 01:18:56 mail postfix/smtpd[28114]: input attribute value: 0
Aug  2 01:18:56 mail postfix/smtpd[28114]: private/anvil: wanted attribute: 
(list terminator)
Aug  2 01:18:56 mail postfix/smtpd[28114]: input attribute name: (end)
Aug  2 01:18:56 mail postfix/smtpd[28114]: lost connection after STARTTLS from 
pool-ANON.fios.verizon.net[10.10.10.2]
Aug  2 01:18:56 mail postfix/smtpd[28114]: disconnect from 
pool-ANON.fios.verizon.net[10.10.10.2] ehlo=1 starttls=0/1 commands=1/2
Aug  2 01:18:56 mail postfix/smtpd[28114]: name_mask: no_milters

I'm lost here - Dell doesn't really document what they're trying to do and the 
OpenSSL stuff doesn't seem to be coughing up a whole lot of info to give me a 
hint as to what cipher is being tried so I can allow it...

How can I troubleshoot this a bit more?

Thanks,

Charles

_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Accepting mail from old Dell iDRAC

Reply via email to