Hi Viktor,
On Mon, Dec 2, 2013 at 1:07 PM, Viktor Dukhovni
wrote:
> On Mon, Dec 02, 2013 at 12:23:54PM -0500, Alex wrote:
>
>> > No need. This is the problem with Exchange on Windows 2003, and
>> > the broken DES-CBC3-SHA ciphersuite. Work-around in the list
>> > archives.
>>
>> I believe I've
On Mon, Dec 02, 2013 at 06:07:07PM +, Viktor Dukhovni wrote:
> A quick Google search uncovers the following, which is either the
> same issue or a related issue:
>
> http://support.microsoft.com/kb/938857
Ditto:
http://archives.neohapsis.com/archives/postfix/2007-12/0086.html
--
On Mon, Dec 02, 2013 at 12:23:54PM -0500, Alex wrote:
> > No need. This is the problem with Exchange on Windows 2003, and
> > the broken DES-CBC3-SHA ciphersuite. Work-around in the list
> > archives.
>
> I believe I've found your post in the archives from just a few weeks
> ago that describes
Hi Viktor,
On Tue, Nov 26, 2013 at 6:05 PM, Viktor Dukhovni
wrote:
> On Tue, Nov 26, 2013 at 05:53:05PM -0500, Wietse Venema wrote:
>
>> Buried under useless verbose logging is a clear warning:
>>
>> > warning: TLS library problem: 16575:error:1408F10B:SSL
>> > routines:SSL3_GET_RECORD:wrong vers
On Tue, Nov 26, 2013 at 09:37:13PM -0500, Alex wrote:
> > You have to compile *with* TLS support enabled.
> >
> > make -f Makefile.init CCARGS='-DUSE_TLS' AUXLIBS='-lssl -lcrypto'
>
> Okay, got it to work now. Apparently it wasn't included with my fedora
> postfix install.
Not surprising, po
Hi,
> You have to compile *with* TLS support enabled.
>
> make -f Makefile.init CCARGS='-DUSE_TLS' AUXLIBS='-lssl -lcrypto'
Okay, got it to work now. Apparently it wasn't included with my fedora
postfix install.
>> I looked at my debug trace of the messages delivered successfully, and
>> it
On Tue, Nov 26, 2013 at 08:53:32PM -0500, Alex wrote:
> > posttls-finger: warning: lost connection while sending QUIT command
>
> I've just downloaded this and compiled it on my system, but it says
> invalid options:
You have to compile *with* TLS support enabled.
make -f Makefile.init
Hi,
> $ posttls-finger -c -lmay -Lsummary -o tls_medium_cipherlist=DES-CBC3-SHA
> "[66.252.104.194]"
> posttls-finger: Connected to 66.252.104.194[66.252.104.194]:25
> posttls-finger: Untrusted TLS connection established to
> 66.252.104.194[66.252.104.194]:25: unknown with cipher DES
On Tue, Nov 26, 2013 at 11:05:48PM +, Viktor Dukhovni wrote:
> > This means that the TLS library had a problem.
>
> Plus the server is an Microsoft Exchange server, and the problem
> happens on the first command after the post STARTLS EHLO.
One last comment, the mail server in question does
On Tue, Nov 26, 2013 at 11:05:48PM +, Viktor Dukhovni wrote:
> > To debug SMTP over TLS, use "openssl s_client".
>
> No need. This is the problem with Exchange on Windows 2003, and
> the broken DES-CBC3-SHA ciphersuite. Work-around in the list
> archives.
$ posttls-finger -c -lmay -Lsu
On Tue, Nov 26, 2013 at 05:53:05PM -0500, Wietse Venema wrote:
> Buried under useless verbose logging is a clear warning:
>
> > warning: TLS library problem: 16575:error:1408F10B:SSL
> > routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337: smtp_get:
>
> This means that the TLS library had
Buried under useless verbose logging is a clear warning:
> warning: TLS library problem: 16575:error:1408F10B:SSL
> routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337: smtp_get:
This means that the TLS library had a problem.
> I've also included the successful telnet test:
telnet is not
Hi,
I'm trying to figure out why the remote server is responding with a
"lost connection" error without any further information to indicate
why the message was deferred.
If I use telnet and replicate the connection process, I can send a
test message. However, messages sent from remote users and f
13 matches
Mail list logo
