Hi
I have used Let's Encrypt certificates in OpenSMTPD (6.8.0p2-4+b2). The
OpenSSL package for Debian bookworm/sid was updated from version
1.1.1o-1 to version 3.0.3-7. Now TLS no longer works and the log includes,
for example:
Jun 16 17:36:39 abc smtpd[1610]: 1cc7ae11a090164a smtp connected address=209.85.221.50 host=mail-wr1-f50.google.com
Jun 16 17:36:39 abc smtpd[1610]: 1cc7ae11a090164a smtp disconnected reason="io-error: error:0A080006:SSL routines::EVP lib"
Jun 17 02:01:30 abc smtpd[1610]: 1cc7b059a9080695 smtp connected address=203.147.7.226 host=<unknown>
Jun 17 02:01:31 abc smtpd[1610]: 1cc7b059a9080695 smtp disconnected reason="io-error: error:0A0C0103:SSL routines::internal error"
Everything worked with the old OpenSSL version. Is it worth checking the
mailserver-settings, the certificate, or trying to downgrade OpenSSL?
Relevant part of my smtpd.conf:
pki mail.domain.com cert "/etc/letsencrypt/live/mail.domain.com/fullchain.pem"
pki mail.domain.com key "/etc/letsencrypt/live/mail.domain.com/privkey.pem"
...
listen on eth0 tls pki mail.domain.com hostname mail.domain.com filter { "rdns", "fcrdn", "rspamd" }
listen on eth0 port 465 smtps pki mail.domain.com hostname mail.domain.com auth <passwds> filter "rspamd"
listen on eth0 port 587 tls-require pki mail.domain.com hostname mail.domain.com auth <passwds> filter "rspamd"
Best reg. Samuli
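
Added example, not part of the original post: a small Python triage script that pairs the smtpd connect/disconnect lines above by session id and unpacks the packed OpenSSL 3.x error codes into library, reason and flag fields. The function names and the two-entry library table are assumptions made for this example; the bit layout follows OpenSSL 3.x `include/openssl/err.h`.

```python
import re

# Bit layout of a packed error code in OpenSSL 3.x (include/openssl/err.h).
ERR_LIB_OFFSET, ERR_LIB_MASK = 23, 0xFF
ERR_RFLAGS_OFFSET, ERR_RFLAGS_MASK = 18, 0x1F
ERR_REASON_MASK = 0x7FFFFF
ERR_RFLAG_FATAL, ERR_RFLAG_COMMON = 0x1, 0x2
LIB_NAMES = {6: "EVP", 20: "SSL"}  # subset of ERR_LIB_* needed for these logs

# Constructed sample: the four log lines from the post, wrapped lines rejoined.
SAMPLE_LOG = """\
Jun 16 17:36:39 abc smtpd[1610]: 1cc7ae11a090164a smtp connected address=209.85.221.50 host=mail-wr1-f50.google.com
Jun 16 17:36:39 abc smtpd[1610]: 1cc7ae11a090164a smtp disconnected reason="io-error: error:0A080006:SSL routines::EVP lib"
Jun 17 02:01:30 abc smtpd[1610]: 1cc7b059a9080695 smtp connected address=203.147.7.226 host=<unknown>
Jun 17 02:01:31 abc smtpd[1610]: 1cc7b059a9080695 smtp disconnected reason="io-error: error:0A0C0103:SSL routines::internal error"
"""

LINE_RE = re.compile(r"smtpd\[\d+\]: (?P<sid>[0-9a-f]{16}) smtp "
                     r"(?P<event>connected|disconnected) (?P<rest>.*)")
ERR_RE = re.compile(r'error:(?P<code>[0-9A-Fa-f]{8}):(?P<text>[^"]*)')

def decode_openssl_error(code):
    """Split a packed OpenSSL 3.x error code into its fields."""
    lib = (code >> ERR_LIB_OFFSET) & ERR_LIB_MASK
    reason = code & ERR_REASON_MASK
    flags = (reason >> ERR_RFLAGS_OFFSET) & ERR_RFLAGS_MASK
    return {
        "lib": LIB_NAMES.get(lib, f"lib#{lib}"),
        "reason": reason & ((1 << ERR_RFLAGS_OFFSET) - 1),  # flag bits stripped
        "common": bool(flags & ERR_RFLAG_COMMON),  # shared ERR_R_* reason code
        "fatal": bool(flags & ERR_RFLAG_FATAL),
    }

def tls_failures(log):
    """Return one record per session that ended with an OpenSSL error."""
    peers, failures = {}, []
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        if m["event"] == "connected":
            addr = re.search(r"address=(\S+)", m["rest"])
            peers[m["sid"]] = addr.group(1) if addr else None
            continue
        err = ERR_RE.search(m["rest"])
        if err:
            failures.append({"session": m["sid"], "peer": peers.get(m["sid"]),
                             "text": err["text"],
                             **decode_openssl_error(int(err["code"], 16))})
    return failures
```

Both codes decode to library SSL with the common-reason flag set: reason 6 is `ERR_R_EVP_LIB` (a failure reported by the EVP layer) and reason 259 with the fatal flag is `ERR_R_INTERNAL_ERROR`.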