Re: Verisign Problem with smtp tls

Fri, 27 Dec 2013 13:32:39 -0800 


On 12/27/2013 02:22 PM, Viktor Dukhovni wrote:
You're posting to the wrong forum. The problem is not OpenSSL, rather you have an updated release of your MTA. (Is it Exim or Postfix? Go to the corresponding mailing list). OpenSSL performs whatever certificate verification your MTA asks for. Perhaps your Debian software upgrade modified your MTA configuration, or your new MTA is not backwards compatible in its TLS support (this would rule out Postfix, which is).
Here is output from the swaks command line tool. You can see at the end that it is the remote server which is closing the connection and not my MTA: 


swaks -tls --from r...@edm-inc.com --to nosuchu...@thelawrencegroup.com 
--server mail.thelawrencegroup.com

=== Trying mail.thelawrencegroup.com:25...
=== Connected to mail.thelawrencegroup.com.

<-  220 mail.thelawrencegroup.com Microsoft ESMTP MAIL Service, 
Version: 6.0.3790.4675 ready at  Fri, 27 Dec 2013 15:22:54 -0600

 -> EHLO mail.edm-inc.com
<-  250-mail.thelawrencegroup.com Hello [68.143.19.38]
<-  250-TURN
<-  250-SIZE
<-  250-ETRN
<-  250-PIPELINING
<-  250-DSN
<-  250-ENHANCEDSTATUSCODES
<-  250-8bitmime
<-  250-BINARYMIME
<-  250-CHUNKING
<-  250-VRFY
<-  250-TLS
<-  250-STARTTLS
<-  250-X-EXPS GSSAPI NTLM LOGIN
<-  250-X-EXPS=LOGIN
<-  250-AUTH GSSAPI NTLM LOGIN
<-  250-AUTH=LOGIN
<-  250-X-LINK2STATE
<-  250-XEXCH50
<-  250 OK
 -> STARTTLS
<-  220 2.0.0 SMTP server ready
=== TLS started w/ cipher DES-CBC3-SHA

=== TLS peer subject DN="/C=US/ST=Missouri/L=Saint Louis/O=The 
Lawrence Group/OU=IT/OU=Terms of use at www.verisign.com/rpa 
(c)05/CN=mail.thelawrencegroup.com"

 ~> EHLO mail.edm-inc.com
<~  250-mail.thelawrencegroup.com Hello [68.143.19.38]
<~  250-TURN
<~  250-SIZE
<~  250-ETRN
<~  250-PIPELINING
<~  250-DSN
<~  250-ENHANCEDSTATUSCODES
<~  250-8bitmime
<~  250-BINARYMIME
<~  250-CHUNKING
<~  250-VRFY
<~  250-X-EXPS GSSAPI NTLM LOGIN
<~  250-X-EXPS=LOGIN
<~  250-AUTH GSSAPI NTLM LOGIN
<~  250-AUTH=LOGIN
<~  250-X-LINK2STATE
<~  250-XEXCH50
<~  250 OK
 ~> MAIL FROM:<r...@edm-inc.com>
*** Remote host closed connection unexpectedly.


--


       Bob Wooldridge


Blog: http://kc0dxf.net/blog























					Reply via email to