Re: TLS question on OS X

2016-03-20 Thread Viktor Dukhovni
> On Mar 20, 2016, at 12:22 PM, Rick Zeman wrote: > > Mar 20 12:12:53 miniserv postfix/smtpd[43174]: warning: TLS library > problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown > protocol:/BuildRoot/Library/Caches/com.apple.xbs/Sources/OpenSSL098/OpenSSL098-59/src/ssl/s23_srvr.c:6

TLS question on OS X

2016-03-20 Thread Rick Zeman
Howdy, Upgrading Apple server to Apple's postfix 2.11.0 and seeing this in the logs: Mar 20 12:12:53 miniserv postfix/smtpd[43174]: warning: TLS library problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:/BuildRoot/Library/Caches/com.apple.xbs/Sources/OpenSSL098/OpenSSL0

Re: R: postfix TLS question

2014-11-11 Thread Viktor Dukhovni
On Tue, Nov 11, 2014 at 01:49:19PM -0500, Wietse Venema wrote: > > > http://www.postfix.org/postconf.5.html#smtp_delivery_status_filter > > > > Yes, this "works", but it is very much not recommended. When > > receiving systems botch their certificate chains (expired, incomplete > > chain, ...) a

Re: R: postfix TLS question

2014-11-11 Thread Wietse Venema
Viktor Dukhovni: > On Tue, Nov 11, 2014 at 12:50:42PM -0500, Wietse Venema wrote: > > > > Is it possible avoid that if my Postfix send an email to an External > > > Domain which is required to be encrypt in TLS, the email is kept in > > > deferred > > > queue? > > > We would like in that case rej

Re: R: postfix TLS question

2014-11-11 Thread Viktor Dukhovni
On Tue, Nov 11, 2014 at 12:50:42PM -0500, Wietse Venema wrote: > > Is it possible avoid that if my Postfix send an email to an External > > Domain which is required to be encrypt in TLS, the email is kept in deferred > > queue? > > We would like in that case reject that because we think that it's

Re: R: postfix TLS question

2014-11-11 Thread Wietse Venema
Salvatore Palazzolo: > Hi Wietse. > Could you please reply to this question? I already replied three weeks ago. Wietse Subject: Re: R: postfix TLS question To: Postfix users Date: Wed, 22 Oct 2014 07:27:49 -0400 (EDT) Message-ID: <3jn8zy3m5tzj...@spike.porcupine.org>

Re: R: postfix TLS question

2014-10-22 Thread Wietse Venema
Salvatore Palazzolo: > Dear Wietse. > We already discuss about a TLS question a lot of months ago. > I have now an other question for you. > Is it possible avoid that if my Postfix send an email to an External Domain > which is required to be encrypt in TLS, the email is kept in

Re: postfix TLS question

2014-02-20 Thread Viktor Dukhovni
On Thu, Feb 20, 2014 at 06:51:09AM -0500, Wietse Venema wrote: > To fully understand what happens with a particular message requires > a stateful logfile processor. I tend to use the admittedly imperfect, but sufficiently useful "collate" Perl script I slapped together. A fancier version would c

Re: postfix TLS question

2014-02-20 Thread Wietse Venema
Salvatore Palazzolo: > there is no link between the line related to the TLS connection > and the subsequent queue message ID. The link is the combination of SMTP server process ID (21492) and the client name+address (unknown[10.204.61.131]) as shown below: > Feb 20 11:05:47 sgsnoimsva002lx postfi

Re: tls question to viktor,

2014-01-29 Thread Fernando Maior
Did you try "file /etc/ssl/zbfmail-cert/2013/mail.server.de.intermediate.crt"? Maybe you will be surprised by the results... :-) Fernando On Wed, Jan 29, 2014 at 12:21 PM, nano wrote: > On 30/01/2014 12:51 AM, Marko Weber | ZBF wrote: > >> >> hello, >> viktor or any other. >> >> in the postf

Re: tls question to viktor,

2014-01-29 Thread nano
On 30/01/2014 12:51 AM, Marko Weber | ZBF wrote: hello, viktor or any other. in the postfix tls readme:" In order to use TLS, the Postfix SMTP server generally needs a certificate and a private key. Both must be in "PEM" format. " i have setup this way in my main.cf: smtpd_tls_CAfile

Re: tls question to viktor,

2014-01-29 Thread Patrik Båt
On ons 29 jan 2014 14:51:26, Marko Weber | ZBF wrote: > > hello, > viktor or any other. > > in the postfix tls readme:" In order to use TLS, the Postfix SMTP > server generally needs a certificate and a private key. Both must be > in "PEM" format. " > > i have setup this way in my main.cf: > > smtp

tls question to viktor,

2014-01-29 Thread Marko Weber | ZBF
hello, viktor or any other. in the postfix tls readme:" In order to use TLS, the Postfix SMTP server generally needs a certificate and a private key. Both must be in "PEM" format. " i have setup this way in my main.cf: smtpd_tls_CAfile= /etc/ssl/zbfm

Re: TLS Question, untrusted connection

2013-03-26 Thread Viktor Dukhovni
On Tue, Mar 26, 2013 at 09:44:12AM +0100, Marko Weber | ZBF wrote: > Mar 22 10:34:52 mail postfix/smtp[13970]: > smtp2.db.com[160.83.77.178]:25: Matched subjectAltName: > nyginsmp02.us.db.com > Mar 22 10:34:52 mail postfix/smtp[13970]: > smtp2.db.com[160.83.77.178]:25 CommonName nyginsmp02.us.db.c

Re: TLS Question, untrusted connection

2013-03-26 Thread Simon Brereton
On 26 March 2013 10:53, Marko Weber | ZBF wrote: > > > Am 2013-03-26 10:30, schrieb Reindl Harald: >> >> Am 26.03.2013 09:44, schrieb Marko Weber|ZBF: >>> >>> Mar 25 14:04:35 mail postfix/smtpd[31103]: Untrusted TLS connection >>> established from >>> loninmrp15.uk.db.com[160.83.44.131]: TLSv1 wit

Re: TLS Question, untrusted connection

2013-03-26 Thread Reindl Harald
Am 26.03.2013 10:53, schrieb Marko Weber|ZBF: > > > Am 2013-03-26 10:30, schrieb Reindl Harald: >> Am 26.03.2013 09:44, schrieb Marko Weber|ZBF: >>> Mar 25 14:04:35 mail postfix/smtpd[31103]: Untrusted TLS connection >>> established from >>> loninmrp15.uk.db.com[160.83.44.131]: TLSv1 with ciph

Re: TLS Question, untrusted connection

2013-03-26 Thread Marko Weber | ZBF
Am 2013-03-26 10:30, schrieb Reindl Harald: Am 26.03.2013 09:44, schrieb Marko Weber|ZBF: Mar 25 14:04:35 mail postfix/smtpd[31103]: Untrusted TLS connection established from loninmrp15.uk.db.com[160.83.44.131]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) why is on incoming mails th

Re: TLS Question, untrusted connection

2013-03-26 Thread Reindl Harald
Am 26.03.2013 09:44, schrieb Marko Weber|ZBF: > Mar 25 14:04:35 mail postfix/smtpd[31103]: Untrusted TLS connection > established from > loninmrp15.uk.db.com[160.83.44.131]: TLSv1 with cipher DHE-RSA-AES256-SHA > (256/256 bits) > > why is on incoming mails the TLS connection untrusted? http:/

TLS Question, untrusted connection

2013-03-26 Thread Marko Weber | ZBF
i sometimes mail with the deutschebank. when i send mails i use a tls_policy_map: db.com secure match=loninmrp23.uk.db.com:nyjinsmp07.us.db.com:loninmrp22.uk.db.com:loninmrp14.uk.db.com:nyginsmp02.us.db.com:nyjinsmp01.us.db.com .db.com secure match=loninmrp23.uk.db.com:nyjinsmp07.us.db.com

Re: TLS question

2009-10-05 Thread Davy Leon
Thanks for the clarification. David - Original Message - From: "Wietse Venema" To: "Postfix users" Cc: "Postfix users" Sent: Monday, October 05, 2009 8:34 AM Subject: Re: TLS question Davy Leon: Hi guys I have a little problem here. I'm try

Re: TLS question

2009-10-05 Thread Noel Jones
On 10/5/2009 9:31 AM, Davy Leon wrote: Hi guys I have a little problem here. I'm trying to deliver mail with my postfix using gmail as an smarthost. I get this error host smtp.gmail.com[74.125.91.109] said: 530 5.7.0 Must issue a STARTTLS command first. 22sm628904qyk.10 (in reply to MAIL FROM com

Re: TLS question

2009-10-05 Thread Wietse Venema
Davy Leon: > Hi guys > > I have a little problem here. > I'm trying to deliver mail with my postfix using gmail as an smarthost. > I get this error > > > host smtp.gmail.com[74.125.91.109] said: 530 5.7.0 Must > issue a STARTTLS command first. 22sm628904qyk.10 (in reply to MAIL FROM > co

TLS question

2009-10-05 Thread Davy Leon
Hi guys I have a little problem here. I'm trying to deliver mail with my postfix using gmail as an smarthost. I get this error host smtp.gmail.com[74.125.91.109] said: 530 5.7.0 Must issue a STARTTLS command first. 22sm628904qyk.10 (in reply to MAIL FROM command) I'm wondering if the an

Re: Enforced TLS Question

2008-12-11 Thread Dennis Putnam
Thanks. It was only a hope. Having opportunistic TLS working is sufficient until we can upgrade. On Dec 11, 2008, at 1:42 PM, Victor Duchovni wrote: On Thu, Dec 11, 2008 at 01:28:02PM -0500, Dennis Putnam wrote: Now that I have TLS working in both directions I thought it would be interestin

Re: Enforced TLS Question

2008-12-11 Thread Victor Duchovni
On Thu, Dec 11, 2008 at 01:28:02PM -0500, Dennis Putnam wrote: > Now that I have TLS working in both directions I thought it would be > interesting to see if I can get enforced TLS to work also. It seems > that the 3rd party postfix extension to version 2.1.5 supposedly > supports that possi

Enforced TLS Question

2008-12-11 Thread Dennis Putnam
Now that I have TLS working in both directions I thought it would be interesting to see if I can get enforced TLS to work also. It seems that the 3rd party postfix extension to version 2.1.5 supposedly supports that possibility, contrary to my previous understanding. I seem to have a sembla