From: Jan Kohnert <nospam001-lists@jankoh.dyndns.org>
To: gentoo-user-de@lists.gentoo.org
Subject: Re: [gentoo-user-de] ssmtp will kein TLS mehr :-(
Date: Tue, 3 Jan 2006 20:00:26 +0100 [thread overview]
Message-ID: <200601032000.27171.nospam001-lists@jankoh.dyndns.org> (raw)
In-Reply-To: <200512301605.26430.news@rennings.net>
[-- Attachment #1: Type: text/plain, Size: 8201 bytes --]
Markus Rennings schrieb:
> Hallo,
> Setz' mal in Postfix' main.cf die Option "smtpd_tls_loglevel = 2", da
> müsste man mehr raus ersehen können.
Mit dem Loglevel und smtpd -v:
Jan 3 19:51:13 server postfix/smtpd[19479]: connection established
Jan 3 19:51:13 server postfix/smtpd[19479]: master_notify: status 0
Jan 3 19:51:13 server postfix/smtpd[19479]: name_mask: resource
Jan 3 19:51:13 server postfix/smtpd[19479]: name_mask: software
Jan 3 19:51:13 server postfix/smtpd[19479]: name_mask: noanonymous
Jan 3 19:51:13 server postfix/smtpd[19479]: connect from
kohni.local[192.168.0.3]
Jan 3 19:51:13 server postfix/smtpd[19479]: match_list_match: kohni.local: no
match
Jan 3 19:51:13 server postfix/smtpd[19479]: match_list_match: 192.168.0.3: no
match
Jan 3 19:51:13 server postfix/smtpd[19479]: match_list_match: kohni.local: no
match
Jan 3 19:51:13 server postfix/smtpd[19479]: match_list_match: 192.168.0.3: no
match
Jan 3 19:51:13 server postfix/smtpd[19479]: match_hostname: kohni.local ~?
192.168.0.0/24
Jan 3 19:51:13 server postfix/smtpd[19479]: match_hostaddr: 192.168.0.3 ~?
192.168.0.0/24
Jan 3 19:51:13 server postfix/smtpd[19479]: > kohni.local[192.168.0.3]: 220
jankoh.dyndns.org ESMTP Postfix (2.2.5)
Jan 3 19:51:13 server postfix/smtpd[19479]: < kohni.local[192.168.0.3]: ?????
Jan 3 19:51:13 server postfix/smtpd[19479]: match_string: ????? ~? CONNECT
Jan 3 19:51:13 server postfix/smtpd[19479]: match_string: ????? ~? GET
Jan 3 19:51:13 server postfix/smtpd[19479]: match_string: ????? ~? POST
Jan 3 19:51:13 server postfix/smtpd[19479]: match_list_match: ?????: no match
Jan 3 19:51:13 server postfix/smtpd[19479]: > kohni.local[192.168.0.3]: 502
Error: command not implemented
Jan 3 19:51:13 server postfix/smtpd[19479]: smtp_get: EOF
Jan 3 19:51:13 server postfix/smtpd[19479]: match_hostname: kohni.local ~?
192.168.0.0/24
Jan 3 19:51:13 server postfix/smtpd[19479]: match_hostaddr: 192.168.0.3 ~?
192.168.0.0/24
Jan 3 19:51:13 server postfix/smtpd[19479]: lost connection after CONNECT
from kohni.local[192.168.0.3]
Jan 3 19:51:13 server postfix/smtpd[19479]: disconnect from
kohni.local[192.168.0.3]
Jan 3 19:51:13 server postfix/smtpd[19479]: master_notify: status 1
Jan 3 19:51:13 server postfix/smtpd[19479]: connection closed
> Ansonsten kannst Du mit "openssl s_client -starttls smtp
> -CApath /etc/postfix/CAcerts -connect localhost:25" (natürlich anpassen)
> sehen, ob Postfix TLS richtig anbietet...
Dir zuliebe mit Output:
Jan 3 19:57:19 server postfix/smtpd[19487]: connect from
kohni.local[192.168.0.3]
Jan 3 19:57:19 server postfix/smtpd[19487]: match_list_match: kohni.local: no
match
Jan 3 19:57:19 server postfix/smtpd[19487]: match_list_match: 192.168.0.3: no
match
Jan 3 19:57:19 server postfix/smtpd[19487]: match_list_match: kohni.local: no
match
Jan 3 19:57:19 server postfix/smtpd[19487]: match_list_match: 192.168.0.3: no
match
Jan 3 19:57:19 server postfix/smtpd[19487]: match_hostname: kohni.local ~?
192.168.0.0/24
Jan 3 19:57:19 server postfix/smtpd[19487]: match_hostaddr: 192.168.0.3 ~?
192.168.0.0/24
Jan 3 19:57:19 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]: 220
jankoh.dyndns.org ESMTP Postfix (2.2.5)
Jan 3 19:57:19 server postfix/smtpd[19487]: < kohni.local[192.168.0.3]:
STARTTLS
Jan 3 19:57:19 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]: 220
Ready to start TLS
Jan 3 19:57:19 server postfix/smtpd[19487]: setting up TLS connection from
kohni.local[192.168.0.3]
Jan 3 19:57:19 server postfix/smtpd[19487]: attr_clnt_connect: connected to
private/tlsmgr
Jan 3 19:57:19 server postfix/smtpd[19487]: send attr request = seed
Jan 3 19:57:19 server postfix/smtpd[19487]: send attr size = 32
Jan 3 19:57:19 server postfix/smtpd[19487]: private/tlsmgr: wanted attribute:
status
Jan 3 19:57:19 server postfix/smtpd[19487]: input attribute name: status
Jan 3 19:57:19 server postfix/smtpd[19487]: input attribute value: 0
Jan 3 19:57:19 server postfix/smtpd[19487]: private/tlsmgr: wanted attribute:
seed
Jan 3 19:57:19 server postfix/smtpd[19487]: input attribute name: seed
Jan 3 19:57:19 server postfix/smtpd[19487]: input attribute value:
OBJANybTZbaJdXigt9CLxkvwNahVl7tw98d3q6EncqY=
Jan 3 19:57:19 server postfix/smtpd[19487]: private/tlsmgr: wanted attribute:
(list terminator)
Jan 3 19:57:19 server postfix/smtpd[19487]: input attribute name: (end)
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:before/accept
initialization
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv2/v3 read
client hello A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv2/v3 read
client hello B
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 read client
hello A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 write server
hello A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 write
certificate A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 write key
exchange A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 write server
done A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 flush data
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv3 read
client certificate A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv3 read
client certificate A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv3 read
client certificate A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 read client key
exchange A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv3 read
certificate verify A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv3 read
certificate verify A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv3 read
certificate verify A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:error in SSLv3 read
certificate verify A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 read finished A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 write change
cipher spec A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 write finished A
Jan 3 19:57:19 server postfix/smtpd[19487]: SSL_accept:SSLv3 flush data
Jan 3 19:57:19 server postfix/smtpd[19487]: TLS connection established from
kohni.local[192.168.0.3]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Jan 3 19:57:24 server postfix/smtpd[19487]: < kohni.local[192.168.0.3]: ehlo
kohni.local
Jan 3 19:57:24 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]:
250-jankoh.dyndns.org
Jan 3 19:57:24 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]:
250-PIPELINING
Jan 3 19:57:24 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]:
250-SIZE 10240000
Jan 3 19:57:24 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]:
250-VRFY
Jan 3 19:57:24 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]:
250-ETRN
Jan 3 19:57:24 server postfix/smtpd[19487]: match_list_match: kohni.local: no
match
Jan 3 19:57:24 server postfix/smtpd[19487]: match_list_match: 192.168.0.3: no
match
Jan 3 19:57:24 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]:
250-AUTH PLAIN NTLM LOGIN DIGEST-MD5 CRAM-MD5
Jan 3 19:57:24 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]: 250
8BITMIME
Jan 3 19:57:30 server postfix/smtpd[19487]: < kohni.local[192.168.0.3]: quit
Jan 3 19:57:30 server postfix/smtpd[19487]: > kohni.local[192.168.0.3]: 221
Bye
Jan 3 19:57:30 server postfix/smtpd[19487]: match_hostname: kohni.local ~?
192.168.0.0/24
Jan 3 19:57:30 server postfix/smtpd[19487]: match_hostaddr: 192.168.0.3 ~?
192.168.0.0/24
Jan 3 19:57:30 server postfix/smtpd[19487]: disconnect from
kohni.local[192.168.0.3]
Jan 3 19:57:30 server postfix/smtpd[19487]: master_notify: status 1
Jan 3 19:57:30 server postfix/smtpd[19487]: connection closed
> HTH
> Ciao,
> Markus
MfG Jan
--
OpenPGP Public-Key Fingerprint:
0E9B 4052 C661 5018 93C3 4E46 651A 7A28 4028 FF7A
[-- Attachment #2: Type: application/pgp-signature, Size: 190 bytes --]
next prev parent reply other threads:[~2006-01-03 19:02 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-30 7:24 [gentoo-user-de] ssmtp will kein TLS mehr :-( Jan Kohnert
2005-12-30 15:05 ` Markus Rennings
2006-01-02 20:57 ` Jan Kohnert
2006-01-04 22:49 ` Jan Kohnert
2006-01-05 13:51 ` Jan Kohnert
2006-01-05 13:55 ` [gentoo-user-de] ssmtp will kein TLS mehr :-( [SOLVED] Jan Kohnert
2006-01-03 19:00 ` Jan Kohnert [this message]
2006-02-08 14:14 ` [gentoo-user-de] unsubscribe Maximilian Sichart
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200601032000.27171.nospam001-lists@jankoh.dyndns.org \
--to=nospam001-lists@jankoh.dyndns.org \
--cc=gentoo-user-de@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox