Lindsay Haisley writes:
The problem occurs when mitra.fmp.com is the SMTP _client_ (not the server) but thanks for jumping on it anyway. This only seems to occur with an address at nv.net (the xxx.net in my original post), MX of mx.nv.net. I've added 'nv.net: /SECURITY=NONE' to esmtproutes which has solved the problem with regard to this particular host, however a few swaks sessions indicate that something in the response from this remote host is causing OpenSSL (actually the perl SSLeay module) to crash locally, which I can verify using strace.
That's the Perl module's problem. couriertls doesn't crash. It just reports an error.
STARTTLS 220 please start a TLS connectioncouriertls: connect: error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected messageIt appears to be a problem at nv.net, but if possible I'd like to know a bit more since my correspondent there is both a customer and a personal friend, who's knows personally the operator of nv.net. It would be nice to have some additional information to pass on to them. Is there any way to dig deeper into this?
It's definitely an SSL negotiation failure of some kind. stracing the couriertls process shows this:
write(3, "\26\3\1\0\340\1\0\0\334\3\3Se\207\231]K\216\336\210J\3729\343\316f6A\327\264V9\v3\0054\261h; \17\353\237B\0\0p\300\24\300\n\0009\0008\0\210\0\207\300\17\300\5\0005\0\204\3000\300,\300(\300$\0\243\0\237\0k\0j\3002\300.\300*\300&\0\235\0=\300\22\300\10\0\26\0\23\300\r\300\3\0\n\300\23\300\t\0003\0002\0E\0D\300\16\300\4\0/\0A\300/\300+\300'\300#\0\242\0\236\0g\0@\3001\300- \300)\300% \0\234\0<\0\377\1\0\0C\0\v\0\4\3\0\1\2\0\n\0\10\0\6\0\31\0\30\0\27\0#\0\0\0\r\0\"\0 \6\1\6\2\6\3\5\1\5\2\5\3\4\1\4\2\4\3\3\1\3\2\3\3\2\1\2\2\2\3\1\1\0\17\0\1\1", 229) = 229 read(3, 0xf17e70, 7) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0xf17e70, 7) = -1 EAGAIN (Resource temporarily unavailable)
select(4, [3], [], NULL, NULL) = 1 (in [3]) read(3, "\25\3\0\0\2\2\n", 7) = 7write(2, "couriertls: connect: error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message\n", 103couriertls: connect: error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message
) = 103 fcntl(3, F_SETFL, O_RDONLY) = 0 close(3) = 0All that can be elicited from this is that Courier sent a packet to the other server. That's about the right size for one of several packets that get exchanged between the client and server, to negotiate the connection. The response was seven bytes from that mail server; which is consistent with the server returning an error packet.
There could be something in that server's logs that might provide a clue. Can't really tell anything more than that.
pgpTFKxslu_Rm.pgp
Description: PGP signature
------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available. Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users