On Fri, Feb 2, 2024, at 6:44 PM, Herbert J. Skuhra wrote: > On Sat, Feb 03, 2024 at 03:00:10AM +0300, Mark wrote: >> Hi. >> >> It seems that the recent Postfix update under 7.4-amd64, >> (package: postfix-3.8.20221007p12-sasl2-mysql) breaks TLS connections, >> coming from Gmail servers, throwing a TLS library problem. >> >> Here's the log output; >> >> postfix/smtpd[32879]: connect from mail-yw1-f178.google.com[209.85.128.178] >> >> postfix/smtpd[7374]: Trusted TLS connection established from >> mail-lf1-f45.google.com[209.85.167.45]: TLSv1.3 >> with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 >> server-signature ECDSA (prime256v1) server-digest SHA256 client-signature >> RSA-PSS (2048 bits) client-digest SHA256 >> >> postfix/smtpd[7374]: warning: TLS library problem: error:0A000126:SSL >> routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:308: >> postfix/smtpd[7374]: lost connection after STARTTLS from >> mail-lf1-f45.google.com[209.85.167.45] >> postfix/smtpd[7374]: disconnect from mail-lf1-f45.google.com[209.85.167.45] >> ehlo=1 starttls=1 commands=2 >> >> Before updating the package, I had postfix-3.8.20221007p11, and it had no >> such problem. > > Why do you run such an outdated postfix snapshot?
That is the latest version that is supported/available in packages-stable: https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/ Brian Conway Owner RCE Software, LLC