Hi again, While working on smtpd, i realized that my openssl[0] tests were failing too. Obviously, the cipher info is empty.
openssl s_client -connect my_IP:25 -starttls smtp -tls1_1 ... ... New, (NONE), Cipher is (NONE) Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.1 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Start Time: 1595094409 Timeout : 7200 (sec) Verify return code: 0 (ok) --- ... Related log lines from "/var/log/maillog" Jul 18 21:28:42 volgograd smtpd[32258]: d680225f58ddc566 smtp connected address=XX.YY.ZZ.QQ host=mx.domainname.com Jul 18 21:28:42 volgograd smtpd[32258]: d680225f58ddc566 smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher" As you see in the above output there is no selected cipher for this conversation. "Cipher : 0000 and New, (NONE), Cipher is (NONE)" I'm trying to understand what is happening here but could not find any clue. The smtpd.conf man page says, there is a default set of ciphers for SSL / TLS connections.