On 2015-07-30 18:33, Robert Mueller wrote:
A client with a new iPhone (not sure what model), attempts to setup
imap/smtp using starttls. As part of the setup, the iPhone apparently
probes the smtp server on port 587 with an SSL handshake:
Jul 29 21:31:34 ns1 sendmail[20641]: t6U4VYQL020641: rejecting commands
from 97-93-80-251.static.rvsd.ca.charter.com [97.93.80.251] due to pre-
greeting traffic after 0 seconds
Having dealt with lots of iOS users for many years, I find this really
surprising. I've never seen an iOS device do this before. It does appear
to be SSL/TLS traffic, but I'm really surprised it was sent to port 587.
Are you absolutely sure this is happening on port 587? Is there anything
else logged before or after this from the same IP (maybe get a tcpdump)?
Does it actually attempt plaintext + STARTTLS upgrade after the direct
TLS/SSL connection fails?
What domain? It's possible that there was some autodiscovery DNS records
(or hard-coded server names in Apple's database) that is misconfigured.
(Although truthfully I'm not sure Apple tries much for IMAP/POP and SMTP
configuration, it might only actually try to auto-detect specific known
providers and Exchange/ActiveSync accounts as autodiscovery tends to be
more common on these platforms)
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
_______________________________________________
mailop mailing list
mailop@mailop.org
http://chilli.nosignal.org/mailman/listinfo/mailop
