>something must changed in ssl/tls or in postfix. .... http://postfix.cs.utah.edu/source/official/postfix-3.4.1.RELEASE_NOTES
Yes, there are many SSL/TLS related changes in the last postfix releases. Thomas Von: "Ing. Lukáš Pečínka" <[email protected]> An: [email protected] Datum: 30.07.2021 08:13 Betreff: Re: [Assp-user] STARTTLS - connection randomly timeout (outlook imap error) Hi, something must changed in ssl/tls or in postfix. After some time my postfix log write (spam) this: postfix/smtpd[75310]: timeout after EHLO from localhost[127.0.0.1] postfix/smtpd[75273]: timeout after DATA (0 bytes) from localhost[127.0.0.1] postfix/smtpd[75316]: timeout after MAIL from localhost[127.0.0.1] postfix/smtpd[75258]: timeout after DATA (0 bytes) from localhost[127.0.0.1] postfix/smtpd[75284]: timeout after STARTTLS from localhost[127.0.0.1] I tried everything in assp and in postfix but it is same. I can't use tls proxy on assp becuse messages will be non readable for assp. I must tur on 587 submisson at postfix and turn of in assp. This works for users but for meassages from outside some tls connections are timeouted too. I am using ubuntu server 20.04 LTS (want use centos 7 but it is impossible to install recommended perl with packages on it :-)) Dne 30. 07. 21 v 3:26 Mark D Montgomery II via Assp-user napsal(a): > Yeah, with the Disable SSL setting blank and also with 25 added to the > Force TLS proxy setting incoming connections just time out (unsure if > it's all the time or just most of the time). > > Jul-29-21 21:19:31 [Worker_3] [TLS-in] [TLS-out] 209.85.218.52 > TLS-Connection idle for 180 secs - timeout > Jul-29-21 21:19:31 [Worker_3] [TLS-in] [TLS-out] 209.85.218.52 [SMTP > Status] 451 Connection timeout, try later > > I'll have to test more thoroughly when I have time. > > ----- Message from K Post <[email protected]> --------- > Date: Thu, 29 Jul 2021 20:39:29 -0400 > From: K Post <[email protected]> > Reply-To: For Users of ASSP <[email protected]> > Subject: Re: [Assp-user] STARTTLS - connection randomly timeout > (outlook imap error) > To: For Users of ASSP <[email protected]> > > >> Just my 1 1/2 cents: >> I'm not sure why you needed to (or would want to) disable ssl on port >> 25, >> but setting >> >> Disable SSL on listenports: 25 >> >> will make it so that outside smtp servers communicate with you without >> encryption. Outside centers always deliver on port 25, and won't try >> 587 >> or any other port. >> >> On Wed, Jul 28, 2021 at 5:49 PM Mark D Montgomery II via Assp-user < >> [email protected]> wrote: >> >>> I fought with this for quite a while the other day after upgrading my >>> VPS from Debian 9 to 10. >>> It seems something must have changed with SSL handling at another >>> level (maybe something with a Postfix update?). >>> >>> What I ended up with: >>> >>> Network Setup: >>> SMTP Listen Port: 25 >>> SMTP Destination: 125 >>> SMTP Secure Listen Port: 465 >>> SSL Destination: 1465 >>> Second SMTP Listen Port: 587 >>> Second SMTP Destination: 1587 >>> Force SMTP AUTH on Second SMTP Listen Port: On >>> >>> >>> SSL/TLS: >>> How to Handle STARTTLS Request: do TLS >>> Disable SSL on listenports: 25 >>> Force TLS to Proxy on this Ports: 587 >>> >>> Client Side: >>> Connections to port 465: SSL/TLS >>> Connections to port 587: STARTTLS >>> >>> >>> >>> ----- Message from "Ing. Lukáš Pečínka" <[email protected]> >>> --------- >>> Date: Wed, 28 Jul 2021 12:10:46 +0200 >>> From: "Ing. Lukáš Pečínka" <[email protected]> >>> Reply-To: For Users of ASSP <[email protected]> >>> Subject: [Assp-user] STARTTLS - connection randomly timeout (outlook >>> imap error) >>> To: [email protected] >>> >>> >>> > Hello, >>> > >>> > I have some problem. I started ASSP with STARTTLS. Some users have >>> > problem with connection timeout (180s). Same with MS Outlook. Test >>> > message never pass and never connect on server. If I switch assp to >>> > TLS proxy everything works fine. After 2 days I don't know what to >>> > do or what I did bad. Could someone help me? Thank you. >>> > >>> > Is something to tweak? Some Timeout or connection rise/lower? >>> > >>> > I tested starttls connection in terminal via openssl - everything is >>> good. >>> > >>> > Listen SMTP port 25 >>> > >>> > SMTP destination 125 >>> > >>> > SMTP secure listen port 465 >>> > >>> > SSL Destination 225 >>> > >>> > second SMTP listen port 587 >>> > >>> > TLS Do TLS >>> > >>> > >>> > Thanks a lot >>> > >>> > -- >>> > S pozdravem a přáním pěkného dne | Best regards >>> > >>> > Lucas >>> > >>> > >>> > >>> > _______________________________________________ >>> > Assp-user mailing list >>> > [email protected] >>> > https://lists.sourceforge.net/lists/listinfo/assp-user >>> >>> >>> ----- End message from "Ing. Lukáš Pečínka" <[email protected]> >>> ----- >>> >>> >>> >>> -- >>> Mark D Montgomery II >>> [email protected] >>> https://www.techiem2.net (Blog) >>> https://www.techiem2.tv (Photo Gallery/Journal) >>> >>> >>> >>> _______________________________________________ >>> Assp-user mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/assp-user >>> > > > ----- End message from K Post <[email protected]> ----- > > > -- S pozdravem a přáním pěkného dne | Best regards Ing. Lukáš Pečínka System administrator, Postmaster, IdP administrator Students mail, Antispam, Mail delivery system Centre for information technology University of Ostrava Bráfova 5 701 03 Ostrava Czech Republic [email protected] [email protected] [email protected] +420 597 09 1116 +420 731 639 635 _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *******************************************************
_______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
