Re: tls_policy

2015-08-05 Thread Brad Chandler
On 2015-08-04 5:59 pm, Viktor Dukhovni wrote: On Tue, Aug 04, 2015 at 05:04:20PM -0500, Brad Chandler wrote: I would like to enforce smtp tls for a domain and all of its subdomains except one. For example my tls_policy file would look something like this: .example.com encrypt test.exam

Re: tls_policy

2015-08-04 Thread Viktor Dukhovni
On Tue, Aug 04, 2015 at 05:04:20PM -0500, Brad Chandler wrote: > I would like to enforce smtp tls for a domain and all of its subdomains > except one. For example my tls_policy file would look something like this: > > .example.com encrypt > test.example.com may > > Will this work? Mostly

Re: tls_policy

2015-05-04 Thread Birta Levente
On 04/05/2015 10:45, Viktor Dukhovni wrote: On Mon, May 04, 2015 at 08:59:10AM +0300, Birta Levente wrote: Can you reproduce the problem by using "-CAfile $cafile" with s_client(1)? I don't see how adding a trusted CA can break the handshake if the CA is well formed. Please provide more infor

Re: tls_policy

2015-05-04 Thread Viktor Dukhovni
On Mon, May 04, 2015 at 08:59:10AM +0300, Birta Levente wrote: > > Can you reproduce the problem by using "-CAfile $cafile" with > > s_client(1)? I don't see how adding a trusted CA can break the > > handshake if the CA is well formed. > > > > Please provide more information. Please attach a gzi

Re: tls_policy

2015-05-03 Thread Birta Levente
On 30/04/2015 17:38, Viktor Dukhovni wrote: On Thu, Apr 30, 2015 at 10:29:29AM +0300, Birta Levente wrote: On 30/04/2015 10:17, Viktor Dukhovni wrote: On Thu, Apr 30, 2015 at 10:09:36AM +0300, Birta Levente wrote: OK, I found the problem: I had configured the smtp_tls_CAfile. Removing everyt

Re: tls_policy

2015-05-01 Thread Benny Pedersen
Birta Levente wrote on 2015-04-29 15:47: But something is happening after negotiation. My knowledge is not deep at all, but certainly they have a problem with TLSv1.2. posttls-finger -P /etc/ssl/certs irs-ro.mail.eo.outlook.com shows Verified here

Re: tls_policy

2015-04-30 Thread Viktor Dukhovni
On Thu, Apr 30, 2015 at 10:29:29AM +0300, Birta Levente wrote: > On 30/04/2015 10:17, Viktor Dukhovni wrote: > >On Thu, Apr 30, 2015 at 10:09:36AM +0300, Birta Levente wrote: > > > >>OK, I found the problem: > >>I had configured the smtp_tls_CAfile. Removing everything works fine. > >Was the file

Re: tls_policy

2015-04-30 Thread Birta Levente
On 30/04/2015 10:17, Viktor Dukhovni wrote: On Thu, Apr 30, 2015 at 10:09:36AM +0300, Birta Levente wrote: OK, I found the problem: I had configured the smtp_tls_CAfile. Removing everything works fine. Was the file malformed? I have a hard time imagining any non-empty set of well-formed certs

Re: tls_policy

2015-04-30 Thread Viktor Dukhovni
On Thu, Apr 30, 2015 at 10:09:36AM +0300, Birta Levente wrote: > OK, I found the problem: > I had configured the smtp_tls_CAfile. Removing everything works fine. Was the file malformed? I have a hard time imagining any non-empty set of well-formed certs in that file causing the problem you descr

Re: tls_policy

2015-04-30 Thread Birta Levente
On 30/04/2015 09:58, Viktor Dukhovni wrote: On Thu, Apr 30, 2015 at 09:25:48AM +0300, Birta Levente wrote: Perhaps some sort of middle-box is interfering with TLS on your end. Also, what version of OpenSSL are you using? Well "your end" can be anywhere between you and the Microsoft email host

Re: tls_policy

2015-04-29 Thread DTNX Postmaster
On 30 Apr 2015, at 08:46, Birta Levente wrote: > Looked at the mailing list archive I resolved with smtp_tls_policy_maps = > hash:/etc/postfix/tls_policy: > > tls_policy: > irs.ro may protocols=TLSv1 ciphers=medium exclude=3DES:MD5 Instead of forcing "TLSv1"

Re: tls_policy

2015-04-29 Thread Viktor Dukhovni
On Thu, Apr 30, 2015 at 09:25:48AM +0300, Birta Levente wrote: > >Perhaps some sort of middle-box is interfering with TLS on your > >end. Also, what version of OpenSSL are you using? Well "your end" can be anywhere between you and the Microsoft email hosting mail servers. > I make a test on ano

Re: tls_policy

2015-04-29 Thread Birta Levente
On 30/04/2015 09:36, DTNX Postmaster wrote: On 30 Apr 2015, at 08:25, Birta Levente wrote: On 29/04/2015 20:56, Viktor Dukhovni wrote: On Wed, Apr 29, 2015 at 03:53:00PM +0300, Birta Levente wrote: I see many SSL_connect errors for different domains whose mail service is hosted at Microsoft:

Re: tls_policy

2015-04-29 Thread DTNX Postmaster
On 30 Apr 2015, at 08:25, Birta Levente wrote: > On 29/04/2015 20:56, Viktor Dukhovni wrote: >> On Wed, Apr 29, 2015 at 03:53:00PM +0300, Birta Levente wrote: >> >>> I see many SSL_connect errors for different domains whose mail service is hosted >>> at Microsoft: >>> >>> Apr 28 10:32:12 srv1 postf

Re: tls_policy

2015-04-29 Thread Birta Levente
On 29/04/2015 20:56, Viktor Dukhovni wrote: On Wed, Apr 29, 2015 at 03:53:00PM +0300, Birta Levente wrote: I see many SSL_connect errors for different domains whose mail service is hosted at Microsoft: Apr 28 10:32:12 srv1 postfix/smtp[18296]: SSL_connect error to irs-ro.mail.eo.outlook.com[213.19

Re: tls_policy

2015-04-29 Thread Viktor Dukhovni
On Wed, Apr 29, 2015 at 03:53:00PM +0300, Birta Levente wrote: > I see many SSL_connect errors for different domains whose mail service is hosted > at Microsoft: > > Apr 28 10:32:12 srv1 postfix/smtp[18296]: SSL_connect error to > irs-ro.mail.eo.outlook.com[213.199.154.87]:25: lost connection > Apr 2

Re: tls_policy

2015-04-29 Thread Birta Levente
On 29/04/2015 16:06, DTNX Postmaster wrote: On 29 Apr 2015, at 14:53, Birta Levente wrote: Hello I see many SSL_connect errors for different domains whose mail service is hosted at Microsoft: Apr 28 10:32:12 srv1 postfix/smtp[18296]: SSL_connect error to irs-ro.mail.eo.outlook.com[213.199.154.

Re: tls_policy

2015-04-29 Thread DTNX Postmaster
On 29 Apr 2015, at 14:53, Birta Levente wrote: > Hello > > I see many SSL_connect errors for different domains whose mail service is hosted > at Microsoft: > > Apr 28 10:32:12 srv1 postfix/smtp[18296]: SSL_connect error to > irs-ro.mail.eo.outlook.com[213.199.154.87]:25: lost connection > Apr 28