[pfx] Re: SSL_accept error for smtpd

On Tue, Jun 11, 2024 at 09:55:56AM +0800, Jeff Peng via Postfix-users wrote: > Jun 11 01:52:16 tls-mail postfix/smtpd[67409]: warning: > TLS library problem:error:1417A0C1:SSL routines: > tls_post_process_client_hello:no shared cipher: > ../ssl/statem/statem_srvr.c:2283: > Jun 11 01:52:16 tls-mail

[pfx] Re: SSL_accept error for smtpd

Thanks Wietse. The request is not maken by our client, so I am safe to ignore the error. If this does not happen with a legitimate client, then this could be someone who is looking for trouble (they failed) and you can ignore the problem. ___ Post

[pfx] Re: SSL_accept error for smtpd

Jeff Peng via Postfix-users: > Hello > > what's this error in mail.log? > > Jun 11 01:52:15 tls-mail postfix/smtpd[67409]: connect from > unknown[172.210.47.140] > Jun 11 01:52:16 tls-mail postfix/smtpd[67409]: SSL_accept error from > unknown[172.210.47.140]:

[pfx] SSL_accept error for smtpd

Hello what's this error in mail.log? Jun 11 01:52:15 tls-mail postfix/smtpd[67409]: connect from unknown[172.210.47.140] Jun 11 01:52:16 tls-mail postfix/smtpd[67409]: SSL_accept error from unknown[172.210.47.140]: -1 Jun 11 01:52:16 tls-mail postfix/smtpd[67409]: warning: TLS li

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

On Mon, May 08, 2023 at 04:22:29PM -0500, E R via Postfix-users wrote: > Thank you so much for the suggestion to review the crypto setting as this > indeed a RedHat based distribution. I confirmed it is set to "default" > which means “The default system-wide cryptographic policy level offers > s

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

The /usr/share/crypto-policies/DEFAULT/opensslcnf.txt on RHEL 9 looks identical to what you posted for Fedora. I am not a RHEL expert but I have not see any references to opt out of the crypto policy on a per application basis. You can customize an existing crypto policy or create your own. I t

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

so it can be wiped and recycled. On Fri, May 5, 2023 at 7:29 PM Viktor Dukhovni via Postfix-users < postfix-users@postfix.org> wrote: > On Fri, May 05, 2023 at 06:55:23PM -0500, E R via Postfix-users wrote: > > > postfix/smtpd[1234567]: SSL_accept error from > xxx.xxx.xxx[y

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

I don't even know whether RedHat exposes any mechanisms for applications> to opt-out of crypto policy and use only application-driven OpenSSL> configuration. This is should perhaps be looked into in the Postfix 3.9> timeframe. from my notes dealing with new Fedora crypto-policies on a number o

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

On Fri, May 05, 2023 at 08:28:48PM -0400, Viktor Dukhovni via Postfix-users wrote: > You should of course also share > (https://www.postfix.org/DEBUG_README.html#mail) > > $ postconf -nf > $ postconf -Mf > > without any changes in whitespace, including line breaks. Attaching > these a

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

> > > > Because TLS/SSL things are very complex, you have to show us real > settings all. Like me: (yw-0919: inbound, yw-1204: outbound) > [1] https://gitlab.com/soyeomul/Gnus/-/raw/master/DKIM/smtp-conf.yw-0919 > [2] https://gitlab.com/soyeomul/Gnus/-/raw/master/DKIM/smtp-conf.yw-1204 > And P

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

; > Am I missing anything? > > [snippet from main.cf] > smtpd_tls_security_level = may > > [snippet from log] > May 05 16:27:59 zzz postfix/smtpd[1234567]: connect from > xxx.xxx.xxx[yyy.yyy.yyy.yyy] > May 05 16:27:59 zzz postfix/smtpd[1234567]: SSL_accept error fr

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

On Fri, May 05, 2023 at 06:55:23PM -0500, E R via Postfix-users wrote: > postfix/smtpd[1234567]: SSL_accept error from xxx.xxx.xxx[yyy.yyy.yyy.yyy]: -1 > postfix/smtpd[1234567]: warning: TLS library problem: > error:0398:digital envelope routines::invalid > digest:crypto/evp/m_

[pfx] TLS Library Problem? (SSL_accept error from ...)

xxx.xxx.xxx[yyy.yyy.yyy.yyy] May 05 16:27:59 zzz postfix/smtpd[1234567]: SSL_accept error from xxx.xxx.xxx[yyy.yyy.yyy.yyy]: -1 May 05 16:27:59 zzz postfix/smtpd[1234567]: warning: TLS library problem: error:0398:digital envelope routines::invalid digest:crypto/evp/m_sigver.c:343: May 05 16:27:59 zzz

[pfx] Re: Debugging SSL_accept error Connection reset by peer

On 2023-04-11 15:49:30, Matus UHLAR - fantomas via Postfix-users wrote: Perhaps you could disable STARTTLS extension for this particular address by using smtpd_discard_ehlo_keyword_address_maps: smtpd_discard_ehlo_keyword_address_maps=hash:/etc/postfix/smtpd_keywords /etc/postfix/smtpd_keywords

[pfx] Re: Debugging SSL_accept error Connection reset by peer

On Tue, Apr 11, 2023 at 08:32:19AM -0400, micah anderson via Postfix-users wrote: > >> The certificate that the server sends (smtpd_tls_cert_file) is [...] > >> is the client refusing my certificate at this stage? > > > > See above. Your certificate details look fine: > > Good. Of course some

[pfx] Re: Debugging SSL_accept error Connection reset by peer

:00 mx1 postfix/smtpd[1680368]: >>>> SSL_accept:SSLv3/TLS write key exchange >>>> 2023-04-06T07:34:42.317879+00:00 mx1 postfix/smtpd[1680368]: >>>> SSL_accept:SSLv3/TLS write server done >>>> 2023-04-06T07:34:42.337252+00:00 mx1 postfix/smtpd[1680368]: >>>&g

[pfx] Re: Debugging SSL_accept error Connection reset by peer

-06T07:34:42.338243+00:00 mx1 postfix/smtpd[1680368]: SSL_accept error from mail2.wsecu.org[65.125.209.36]: Connection reset by peer On 2023-04-07 13:25:42, Viktor Dukhovni via Postfix-users wrote: The SMTP client closed the TCP connection at some point while receiving the server TLS Hello

[pfx] Re: Debugging SSL_accept error Connection reset by peer

g to >> determine the best way to debug these SSL_accept error messages and >> turn them into a solution so the mail can be actually sent. >> >> With smtpd_tls_log_level = 2, I was able to capture the information >> about the what is happening in the transaction: >

[pfx] Re: Debugging SSL_accept error Connection reset by peer

On Fri, Apr 07, 2023 at 11:25:33AM -0400, micah via Postfix-users wrote: > I have a few remote hosts who cannot send me mail, and I'm trying to > determine the best way to debug these SSL_accept error messages and > turn them into a solution so the mail can be actually s

[pfx] Debugging SSL_accept error Connection reset by peer

Hello, I have a few remote hosts who cannot send me mail, and I'm trying to determine the best way to debug these SSL_accept error messages and turn them into a solution so the mail can be actually sent. With smtpd_tls_log_level = 2, I was able to capture the information about the wh

Re: SSL_accept error from unknown[10.5.2.1]: lost connection

log and after > researching > > and making changes cannot fix them. > > I searched on the web and there are many different cases discussed, > but... > > > > Feb 5 03:50:12 home postfix/smtps/smtpd[402300]: SSL_accept error from > > unknown[10.5.2.1]: lost connecti

Re: SSL_accept error from unknown[10.5.2.1]: lost connection

I find these error messages in /var/log/maillog and after researching > and making changes cannot fix them. > I searched on the web and there are many different cases discussed, but... > > Feb 5 03:50:12 home postfix/smtps/smtpd[402300]: SSL_accept error from > unknown[10.5.2.1]:

Re: SSL_accept error from unknown[10.5.2.1]: lost connection

On Tue, Feb 07, 2023 at 05:59:52PM +0100, Wolfgang Paul Rauchholz wrote: > Feb 5 03:50:12 home postfix/smtps/smtpd[402300]: > SSL_accept error from unknown[10.5.2.1]: lost connection > Feb 5 03:50:12 home postfix/smtps/smtpd[402300]: > lost connection after CONNECT from unkn

SSL_accept error from unknown[10.5.2.1]: lost connection

researching and making changes cannot fix them. I searched on the web and there are many different cases discussed, but... Feb 5 03:50:12 home postfix/smtps/smtpd[402300]: SSL_accept error from unknown[10.5.2.1]: lost connection Feb 5 03:50:12 home postfix/smtps/smtpd[402300]: lost connection

Re: SSL_accept error from unknown

On 19/10/2021 05:59, Maurizio Caloro wrote: see today logs "SSL_accept Error", please its this a known issue? installed Postfix 3.4.14, Openssl 1.1.1d, Debian 10.11. Oct 19 05:59:18 nmail postfix/smtps/smtpd[32720]: SSL_accept error from 232.115.xx.xx.static.ip.windstream.net[40

SSL_accept error from unknown

Hello see today logs "SSL_accept Error", please its this a known issue? installed Postfix 3.4.14, Openssl 1.1.1d, Debian 10.11. Oct 19 05:59:18 nmail postfix/smtps/smtpd[32720]: SSL_accept error from 232.115.xx.xx.static.ip.windstream.net[40.138.xx.xx]: lost connection Oct 19 06:4

RE: SSL_accept error on just one of several similar servers

> > > On Mar 26, 2018, at 1:07 AM, Michael Fox wrote: > > > > Any idea of what's wrong? Or how to find out what's wrong? > > Most likely a firewall is (mis)configured to block STARTTLS. > > -- > Viktor. You were correct! The IT guys started filtering by domain name in their firewall, w

Re: SSL_accept error on just one of several similar servers

> On Mar 26, 2018, at 1:07 AM, Michael Fox wrote: > > Any idea of what's wrong? Or how to find out what's wrong? Most likely a firewall is (mis)configured to block STARTTLS. -- Viktor.

SSL_accept error on just one of several similar servers

could not be sent because the connection to Outgoing server (SMTP) host.domain timed out. Try again. /var/log/mail.log shows: Mar 25 21:35:19 w1xsc-gw postfix/submission/smtpd[9565]: connect from client.domain.org[xx.xx.xx.xx] Mar 25 21:35:19 w1xsc-gw postfix/submission/smtpd[9565]: SSL_accept

Re: Troubleshooting "SSL_accept error" that happens with only one domain , iship.com (a UPS company)

On Wed, Oct 25, 2017, at 06:57 AM, Petri Riihikallio wrote: > > I checked the server and this is how it's configured > > > > postconf -n | grep smtpd | grep tls | grep ciphers > > smtpd_tls_ciphers = medium > > smtpd_tls_exclude_ciphers = EXPORT, LOW, RC4, eNULL, NULL > > smtpd_tls_mandatory_

Re: Troubleshooting "SSL_accept error" that happens with only one domain , iship.com (a UPS company)

> I checked the server and this is how it's configured > > postconf -n | grep smtpd | grep tls | grep ciphers > smtpd_tls_ciphers = medium > smtpd_tls_exclude_ciphers = EXPORT, LOW, RC4, eNULL, NULL > smtpd_tls_mandatory_ciphers = medium > smtpd_tls_mandatory_exclude_ciphers = aNULL > tlsprox

Re: Troubleshooting "SSL_accept error" that happens with only one domain , iship.com (a UPS company)

On Wed, Oct 25, 2017, at 06:45 AM, Matus UHLAR - fantomas wrote: > > postconf -n | grep smtpd | grep tls | grep ciphers > > smtpd_tls_ciphers = medium > > smtpd_tls_mandatory_ciphers = medium > > this looks like you only accept medium grade ciphers ... so no high grade. > That means, Petri wa

Re: Troubleshooting "SSL_accept error" that happens with only one domain , iship.com (a UPS company)

On Wed, Oct 25, 2017, at 03:39 AM, Petri Riihikallio wrote: You and UPS require different sets of ciphers and have none in common. Either you have tinkered with server cipher requirements or UPS has edited their client cipher list. Check your postconf -n to find out if its you. http://www.postf

Re: Troubleshooting "SSL_accept error" that happens with only one domain , iship.com (a UPS company)

On Wed, Oct 25, 2017, at 06:32 AM, Fazzina, Angelo wrote: > When it works I get this > > Oct 25 09:30:01 mta1 postfix/smtpd[2313]: Anonymous TLS connection > established from unknown[60.6.49.148]: TLSv1.2 with cipher > DHE-RSA-AES256-GCM-SHA384 (256/256 bits) Sure, here too. This server gets l

Re: Troubleshooting "SSL_accept error" that happens with only one domain , iship.com (a UPS company)

On Wed, Oct 25, 2017, at 03:39 AM, Petri Riihikallio wrote: > You and UPS require different sets of ciphers and have none in common. Either > you have tinkered with server cipher requirements or UPS has edited their > client cipher list. Check your postconf -n to find out if its you. > http://www

Re: Troubleshooting "SSL_accept error" that happens with only one domain , iship.com (a UPS company)

> da...@justemail.net wrote on 25.10.2017 at 2:35: > > Hello, > > My office receives email from UPS, since we're a customer. > > One of the domains that UPS emails from is apparently "iship.com". > > We're not getting those emails. You and UPS require different sets of ciphers and have none in

Troubleshooting "SSL_accept error" that happens with only one domain , iship.com (a UPS company)

tfix/postscreen[4531]: PASS NEW [64.74.4.33]:56785 mail postfix/postscreen-smtpd/smtpd[4537]: connect from mail3.iship.com[64.74.4.33] mail postfix/postscreen-smtpd/smtpd[4537]: SSL_accept error from mail3.iship.com[64.74.4.33]: -1 mail postfix/postscreen-smtpd/smtpd[4537]: warnin

Re: SSL_accept error from other MTA

On 15.01.2017 07:39, Noel Jones wrote: On 1/14/2017 2:40 AM, Admin Beckspaced wrote: All other MTA's don't seem to have any problems with TLS / STARTTLS. What can I do to fix this problem? Let the other MTA know that they got an issue with their TLS setup? Thanks & greetings Becki If your g

Re: SSL_accept error from other MTA

On 1/14/2017 2:40 AM, Admin Beckspaced wrote: > All other MTA's don't seem to have any problems with TLS / STARTTLS. > > What can I do to fix this problem? Let the other MTA know that they > got an issue with their TLS setup? > > Thanks & greetings > Becki If your goal is to get the mail flowin

Re: SSL_accept error from other MTA

2017-01-14T14:41:43.297537+01:00 cx20 postfix/smtpd[25337]: SSL_accept:SSLv3 > write server done A > 2017-01-14T14:41:43.298112+01:00 cx20 postfix/smtpd[25337]: SSL_accept:SSLv3 > flush data > 2017-01-14T14:41:43.313040+01:00 cx20 postfix/smtpd[25337]: SSL_accept:error > in SSLv3 read cl

Re: SSL_accept error from other MTA

L_accept:SSLv3 write server done A 2017-01-14T14:41:43.298112+01:00 cx20 postfix/smtpd[25337]: SSL_accept:SSLv3 flush data 2017-01-14T14:41:43.313040+01:00 cx20 postfix/smtpd[25337]: SSL_accept:error in SSLv3 read client certificate A 2017-01-14T14:41:43.313611+01:00 cx20 postfix/smtpd[25337]: S

Re: SSL_accept error from other MTA

> >After looking for the partner email I found those log entries: > >2017-01-14T00:31:28.312121+01:00 cx20 postfix/smtpd[12579]: connect >from >mail.kommunalunternehmen.de[217.6.53.146] >2017-01-14T00:31:28.419190+01:00 cx20 postfix/smtpd[12579]: SSL_accept >error from mail.ko

SSL_accept error from other MTA

8.312121+01:00 cx20 postfix/smtpd[12579]: connect from mail.kommunalunternehmen.de[217.6.53.146] 2017-01-14T00:31:28.419190+01:00 cx20 postfix/smtpd[12579]: SSL_accept error from mail.kommunalunternehmen.de[217.6.53.146]: Connection reset by peer 2017-01-14T00:31:28.420304+01:00 cx20 postfix/smtp

Re: smtpd ... SSL_accept error from ... lost connection

> On Dec 11, 2016, at 3:25 AM, Dominic Raferd wrote: > > In general my postfix mail server is working well, it is receiving > emails with optional STARTTLS. But I am occasionally seeing an error > message like this in the log: > > 2016-12-11 00:32:19 dl1 postfix/smtpd[136

Re: smtpd ... SSL_accept error from ... lost connection

is receiving >>>> emails with optional STARTTLS. But I am occasionally seeing an error >>>> message like this in the log: >>>> >>>> 2016-12-11 00:32:19 dl1 postfix/smtpd[13665]: SSL_accept error from >>>> unknown[14.215.156.100]: lost connectio

Re: smtpd ... SSL_accept error from ... lost connection

ccasionally seeing an error >>> message like this in the log: >>> >>> 2016-12-11 00:32:19 dl1 postfix/smtpd[13665]: SSL_accept error from >>> unknown[14.215.156.100]: lost connection >>> >>> The connection giving rise to the error is never from o

Re: smtpd ... SSL_accept error from ... lost connection

>> 2016-12-11 00:32:19 dl1 postfix/smtpd[13665]: SSL_accept error from >> unknown[14.215.156.100]: lost connection >> >> The connection giving rise to the error is never from one of our >> machines/users. Should I be worried about it? Does it indicate some >> bad

Re: smtpd ... SSL_accept error from ... lost connection

gt;> >> 2016-12-11 00:32:19 dl1 postfix/smtpd[13665]: SSL_accept error from >> unknown[14.215.156.100]: lost connection >> >> The connection giving rise to the error is never from one of our >> machines/users. Should I be worried about it? Does it indicate some &

Re: smtpd ... SSL_accept error from ... lost connection

On 12/11/2016 09:25 AM, Dominic Raferd wrote: > In general my postfix mail server is working well, it is receiving > emails with optional STARTTLS. But I am occasionally seeing an error > message like this in the log: > > 2016-12-11 00:32:19 dl1 postfix/smtpd[13665]: SSL_ac

smtpd ... SSL_accept error from ... lost connection

In general my postfix mail server is working well, it is receiving emails with optional STARTTLS. But I am occasionally seeing an error message like this in the log: 2016-12-11 00:32:19 dl1 postfix/smtpd[13665]: SSL_accept error from unknown[14.215.156.100]: lost connection The connection giving

Re: SSL_accept error from ...outbound.protection.outlook.com

On Mon, Nov 07, 2016 at 10:30:06AM -0500, Bill Cole wrote: > >Nov 7 15:03:29 blueberry postfix/smtpd[18091]: > >mail-ve1eur01hn032d.outbound.protection.outlook.com[2a01:111:f400:fe1f::32d]: > >TLS cipher list "aNULL:-aNULL:HIGH:@STRENGTH:!aNULL" > > This is probably your problem. The austere cip

Re: SSL_accept error from ...outbound.protection.outlook.com

On 7 Nov 2016, at 9:26, Florian Piekert wrote: Hello everybody, another issue around TLS/SSL from me. I see tons of ==> mail/mail.log <== [...] Nov 7 15:03:29 blueberry postfix/smtpd[18091]: mail-ve1eur01hn032d.outbound.protection.outlook.com[2a01:111:f400:fe1f::32d]: TLS cipher list "aNULL

SSL_accept error from ...outbound.protection.outlook.com

ry postfix/smtpd[18091]: SSL_accept:unknown state Nov 7 15:03:29 blueberry postfix/smtpd[18091]: message repeated 5 times: [ SSL_accept:unknown state] Nov 7 15:03:29 blueberry postfix/smtpd[18091]: SSL_accept:failed in unknown state Nov 7 15:03:29 blueberry postfix/smtpd[18091]: SSL_accept

Re: SSL_accept error/TLS library problem

On Tue, Mar 08, 2016 at 10:10:13AM +0100, Thomas Keller wrote: > postfix/smtpd[2608]: connect from 61-216-2-13.HINET-IP.hinet.net[61.216.2.13] A compromised botnet machine is connecting to your Postfix server. > postfix/smtpd[2608]: warning: TLS library problem: 2608:error:1408F10B:SSL > routin

SSL_accept error/TLS library problem

could somebody please explain what these errors mean ? postfix/smtpd[2608]: connect from 61-216-2-13.HINET-IP.hinet.net[61.216.2.13] postfix/smtpd[2608]: SSL_accept error from 61-216-2-13.HINET-IP.hinet.net[61.216.2.13]: -1 postfix/smtpd[2608]: warning: TLS library problem: 2608:error

Re: SSL_accept error

On Mon Jun 01 2015 15:53:17 njo...@megan.vbhcs.org said: > > On 6/1/2015 4:19 PM, @lbutlr wrote: >> Jun 1 15:09:08 mail submit-tls/smtpd[88479]: SSL_accept error from >> unknown[50.253.97.91]: lost connection > This looks as if the client and the server don't have a c

Re: SSL_accept error

olve to address > 50.253.97.91: hostname nor servname provided, or not known > Jun 1 15:09:08 mail submit-tls/smtpd[88479]: connect from > unknown[50.253.97.91] > Jun 1 15:09:08 mail submit-tls/smtpd[88479]: SSL_accept error from > unknown[50.253.97.91]: lost connection > Jun

Re: SSL_accept error

On Mon Jun 01 2015 15:19:57 @lbutlr said: > > A user at a Starbucks is trying to send mail and getting an error on sending. > This is what I see in the logs: One other detail I left out, openssl s_client -connect localhost:587 -starttls smtp works as expected. It also works remotely if I put t

SSL_accept error

not known Jun 1 15:09:08 mail submit-tls/smtpd[88479]: connect from unknown[50.253.97.91] Jun 1 15:09:08 mail submit-tls/smtpd[88479]: SSL_accept error from unknown[50.253.97.91]: lost connection Jun 1 15:09:08 mail submit-tls/smtpd[88479]: lost connection after STARTTLS from unknown

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

On 1/22/2012 9:25 AM, Benny Pedersen wrote: >> "lost connection after connect" simply means the initial handshake >> completed, then the connection dropped before any commands were >> exchanged. > > telnet localhost 25 > > > that way ? With that, postfix will log a "timeout after ..." message.

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

On Sat, 21 Jan 2012 11:04:05 -0600, Noel Jones wrote: No, this has nothing to do with the on-wire protocol. In this context, CONNECT means the initial tcp/ip handshake completed. ups my fault in confussing the two, thanks for clearify it "lost connection after connect" simply means the initi

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

On 1/21/2012 12:05 AM, Benny Pedersen wrote: >>> Jan 18 18:20:54 newmail postfix/smtpd[83432]: lost connection >>> after CONNECT from >>> adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85] > >>> What would you advise me to further debug this ? > > CONNECT is a non SMTP protocol, are you runni

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

On Wed, 18 Jan 2012 16:44:14 -0600, Noel Jones wrote: Jan 18 18:20:54 newmail postfix/smtpd[83432]: lost connection after CONNECT from adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85] What would you advise me to further debug this ? CONNECT is a non SMTP protocol, are you running tor

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

On 1/19/2012 1:39 AM, bsd wrote: > > Maybe I should use STARTTLS instead of the wrapper mode ? It's quite common to offer both, which I think is reasonable. > > What are the pros and cons of each solution ? wrappermode is a non-standard legacy mode that some clients prefer. In their config

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

Hello, Le 19/01/2012 08:39, bsd a écrit : > Le 19 janv. 2012 à 02:18, Wietse Venema a écrit : > >> bsd: >>> I wanted to know what are the symptoms of "SSL_accept error" and >>> "lost connection after CONNECT" ?? >> The client hangs up whe

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

Le 19 janv. 2012 à 02:18, Wietse Venema a écrit : > bsd: >> I wanted to know what are the symptoms of "SSL_accept error" and >> "lost connection after CONNECT" ?? > > The client hangs up when Postfix expects the TLS handshake. > > There was two

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

bsd: > I wanted to know what are the symptoms of "SSL_accept error" and > "lost connection after CONNECT" ?? The client hangs up when Postfix expects the TLS handshake. There was two ways that Postfix provides TLS service. One is STARTTLS mode (usually TCP port 587), an

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

44.85] >>>> Jan 18 18:15:55 newmail postfix/smtpd[83785]: connect from >>>> adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85] >>>> Jan 18 18:15:55 newmail postfix/smtpd[83784]: connect from >>>> adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

an03.sbcglobal.net[99.98.44.85] >>> Jan 18 18:15:55 newmail postfix/smtpd[83784]: connect from >>> adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85] >>> Jan 18 18:20:54 newmail postfix/smtpd[83784]: SSL_accept error from >>> adsl-99-98-44-85.dsl.lsan03.sbcglobal.n

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

sl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85] >> Jan 18 18:20:54 newmail postfix/smtpd[83784]: SSL_accept error from >> adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85]: 0 >> Jan 18 18:20:54 newmail postfix/smtpd[83784]: lost connection after CONNECT >> f

Re: Problem with SMTPs SSL_accept error | lost connection after CONNECT

18 18:15:55 newmail postfix/smtpd[83785]: connect from > adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85] > Jan 18 18:15:55 newmail postfix/smtpd[83784]: connect from > adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85] > Jan 18 18:20:54 newmail postfix/smtpd[83784]: SSL_accept erro

Problem with SMTPs SSL_accept error | lost connection after CONNECT

[99.98.44.85] Jan 18 18:15:55 newmail postfix/smtpd[83784]: connect from adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85] Jan 18 18:20:54 newmail postfix/smtpd[83784]: SSL_accept error from adsl-99-98-44-85.dsl.lsan03.sbcglobal.net[99.98.44.85]: 0 Jan 18 18:20:54 newmail postfix/smtpd[83784]: lost

Re: SSL_accept error from ...

Victor Duchovni: > On Fri, Jul 22, 2011 at 09:32:29AM -0400, Wietse Venema wrote: > > > > So what are those? > > > > Postfix prints all information that is available on the OpenSSL > > error stack. The absence of such logging suggests that the error > > stack is empty (perhaps the client hung up)

Re: SSL_accept error from ...

-07-22T05:53:57-04:00 amnesiac postfix/qmgr[11097]: C62C71748001: removed TLS SSL_accept error 0 2011-07-22T05:53:33-04:00 amnesiac postfix/smtpd[9446]: connect from unknown[192.0.2.1] 2011-07-22T05:53:33-04:00 amnesiac postfix/smtpd[9446]: SSL_accept error from unknown[192.0.2.1]: 0 2011

Re: SSL_accept error from ...

* Wietse Venema : > > That's all there was. OK, I'll just ignore those then. > > I would not deny that this user interface can be improved. One > minor improvement would be to log "lost connection" when the OpenSSL > error stack is empty (i.e. when ERR_peek_error() returns an end-of-data > indic

Re: SSL_accept error from ...

Ralf Hildebrandt: > * Wietse Venema : > > > > Jul 3 17:44:00 mail postfix/smtpd[1210]: SSL_accept error from > > > post.blossin.de[217.92.177.100]: -1 > > > Jul 3 17:53:22 mail postfix/smtpd[1174]: SSL_accept error from > > > post.blossin.de[217.

Re: SSL_accept error from ...

* Wietse Venema : > > Jul 3 17:44:00 mail postfix/smtpd[1210]: SSL_accept error from > > post.blossin.de[217.92.177.100]: -1 > > Jul 3 17:53:22 mail postfix/smtpd[1174]: SSL_accept error from > > post.blossin.de[217.92.177.100]: -1 > > Jul 3 18:31:12 mail p

Re: SSL_accept error from ...

Ralf Hildebrandt: > I'm seeing sporadic "SSL_accept error" messages and would like to know > their significance. Sometimes I'm seeing ": 0", sometime ": -1" > > A few examples: > > Jul 3 17:44:00 mail postfix/smtpd[1210]: SSL_accept err

SSL_accept error from ...

I'm seeing sporadic "SSL_accept error" messages and would like to know their significance. Sometimes I'm seeing ": 0", sometime ": -1" A few examples: Jul 3 17:44:00 mail postfix/smtpd[1210]: SSL_accept error from post.blossin.de[217.92.177.100]: -1

Re: SSL_accept error / lost connection after STARTTLS

16 20:39:41 mail postfix/smtpd[2918]: setting up TLS connection > from ipxx.xxx.xxx.xx.cox.net[xx.xxx.xxx.xx] > Feb 16 20:39:41 mail postfix/smtpd[2918]: > ipxx.xxx.xxx.xx.cox.net[xx.xxx.xxx.xx]: TLS cipher list > "ALL:+RC4:@STRENGTH" > Feb 16 20:39:41 mail postfix/

SSL_accept error / lost connection after STARTTLS

smtpd[2918]: setting up TLS connection from ipxx.xxx.xxx.xx.cox.net[xx.xxx.xxx.xx] Feb 16 20:39:41 mail postfix/smtpd[2918]: ipxx.xxx.xxx.xx.cox.net[xx.xxx.xxx.xx]: TLS cipher list "ALL:+RC4:@STRENGTH" Feb 16 20:39:41 mail postfix/smtpd[2918]: SSL_accept error from ipxx.xxx.xxx.xx.cox.ne

SSL_accept error

p TLS connection from 85-18-95-44.ip.fastwebnet.it[85.18.95.44] Dec 15 12:09:57 lin2a postfix/smtpd[14097]: SSL_accept error from 85-18-95-44.ip.fastwebnet.it[85.18.95.44]: 0 Dec 15 12:09:57 lin2a postfix/smtpd[14097]: warning: TLS library problem: 14097:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1

Re: SSL_accept error from unknown[x.x.x.]: -1

On 11/26/2009 9:43 PM, sosogh wrote: Hi list I am running two postfix on two servers.One acts as smtp tls client, the other one acts as smtpd tls server. I tried to send mails from smtp tls client to smtpd tls server --- IP are

SSL_accept error from unknown[x.x.x.]: -1

_security_level=encryt log: Nov 27 09:51:45 debian postfix/smtpd[3511]: SSL_accept:before/accept initialization Nov 27 09:51:45 debian postfix/smtpd[3511]: read from B8A34DD0 [B8A3E4F0] (11 bytes => -1 (0x)) Nov 27 09:56:45 debian postfix/smtpd[3511]: SSL_accept error from unknown[1.1.1.1]: -1 Nov 2

Re: lost connection after CONNECT / SSL_accept error from errors / network_biopair_interop: no inbound mail

On 9/8/2009 10:20 AM, paul beard wrote: I don't see an smtpd_recipient_restrictions here. You will need at least: smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination smtpd_recipient_restrictions was there, as spec

Re: lost connection after CONNECT / SSL_accept error from errors / network_biopair_interop: no inbound mail

On Tue, Sep 08, 2009 at 08:20:19AM -0700, paul beard wrote: > Any idea if I should care about this? > > Sep 8 08:06:57 shuttle postfix/smtpd[61994]: warning: > network_biopair_interop: error reading 11 bytes from > the network: Connection reset by peer After you turned-off wrapper mode and rel

Re: lost connection after CONNECT / SSL_accept error from errors / network_biopair_interop: no inbound mail

On Tue, Sep 8, 2009 at 8:01 AM, Noel Jones wrote: > Looks like the client disconnected. > > Test your TLS implementation with > openssl s_client -connect IP:port -starttls smtp > > If you get a > 250 DSN > or similar message after all the SSL handshake goop, then it worked. > > OK, all is well he

Re: lost connection after CONNECT / SSL_accept error from errors / network_biopair_interop: no inbound mail

On 9/8/2009 3:07 AM, Paul Beard wrote: I am getting no inbound email after locking down the requirements of users to authenticate before sending. I dropped back from current (2.7.*) to 2.6.5. Not having any success getting tcpdump output. The version I have differs from the example in the DEBUG

lost connection after CONNECT / SSL_accept error from errors / network_biopair_interop: no inbound mail

mtpd[56332]: SSL_accept:before/accept initialization Sep 8 00:45:30 shuttle postfix/smtpd[56332]: read from 34103AC0 [341BF000] (11 bytes => -1 (0x)) Sep 8 00:45:33 shuttle postfix/smtpd[56335]: SSL_accept error from mail-pz0-f204.google.com[209.85.222.204]: -1 Sep 8 00:45:33 sh

Re: SSL_accept error

2009/8/14 Barney Desmond > 2009/8/14 Ebbe Hjorth : > > No more hints? :-( > > Do you still have a problem? You said, "Ahh, now we are talkin", which > sounds like you were successful. > > Patrick's docs ( > http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_support.html > ) > ar

Re: SSL_accept error

2009/8/14 Ebbe Hjorth : > No more hints? :-( Do you still have a problem? You said, "Ahh, now we are talkin", which sounds like you were successful. Patrick's docs (http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_support.html) are great, but I think they're a little misleadi

Re: SSL_accept error

2009/8/12 Ebbe Hjorth > > > 2009/8/12 Zaeem Arshad > > >> >> On Tue, Aug 11, 2009 at 11:27 PM, Ebbe Hjorth wrote: >> >>> >>> >>> 2009/8/11 Brian Evans - Postfix List >>> Ebbe Hjorth wrote: > 2009/8/10 Brian Evans - Postfix List >>> > > > >

Re: SSL_accept error

2009/8/12 Zaeem Arshad > > > On Tue, Aug 11, 2009 at 11:27 PM, Ebbe Hjorth wrote: > >> >> >> 2009/8/11 Brian Evans - Postfix List >> >>> Ebbe Hjorth wrote: >>> > 2009/8/10 Brian Evans - Postfix List >> > > >>> > >>> > A great guide by a frequent poster here is

Re: SSL_accept error

On Tue, Aug 11, 2009 at 11:27 PM, Ebbe Hjorth wrote: > > > 2009/8/11 Brian Evans - Postfix List > >> Ebbe Hjorth wrote: >> > 2009/8/10 Brian Evans - Postfix List > > > >> > >> > A great guide by a frequent poster here is >> > >> http://postfix.state-of-mind.de

Re: SSL_accept error

2009/8/11 Brian Evans - Postfix List > Brian Evans - Postfix List wrote: > > Ebbe Hjorth wrote: > > > >> 2009/8/11 Brian Evans - Postfix List >> > > >> > >> Ebbe Hjorth wrote: > >> > 2009/8/10 Brian Evans - Postfix List >>

Re: SSL_accept error

Brian Evans - Postfix List wrote: > Ebbe Hjorth wrote: > >> 2009/8/11 Brian Evans - Postfix List > > >> >> Ebbe Hjorth wrote: >> > 2009/8/10 Brian Evans - Postfix List > >> >

Re: SSL_accept error

Ebbe Hjorth wrote: > > > 2009/8/11 Brian Evans - Postfix List > > > Ebbe Hjorth wrote: > > 2009/8/10 Brian Evans - Postfix List > > >> > > > >

Re: SSL_accept error

2009/8/11 Brian Evans - Postfix List > Ebbe Hjorth wrote: > > 2009/8/10 Brian Evans - Postfix List > > > > > > A great guide by a frequent poster here is > > > http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_support.html > > > > > > That i

Re: SSL_accept error

Ebbe Hjorth wrote: > 2009/8/10 Brian Evans - Postfix List > > > A great guide by a frequent poster here is > > http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_support.html > > > That is a briliant link, i have read it all and love it,

Re: SSL_accept error

help. > > > > Aug 9 14:22:55 mail02 postfix/smtpd[1969]: SSL_accept error from > > mail-ew0-f224.google.com > > <http://mail-ew0-f224.google.com>[209.85.219.224]: -1 > > Aug 9 14:22:55 mail02 postfix/smtpd[1855]: connect from > > bzq-79-182-42-58.red.bezeqi

  1   2   >