Re: some questions and problems with postfix

Wed, 16 Aug 2017 06:34:06 -0700 

Hi Victor, thank you for your kind reply.
That explains a lot, i did not know. Also i now realize looking at the 
timestamps that it is indeed one and the same message. I feel stupid now.
But i will remember that inbound smtp is anonymous.

Thanks.
> On 16 Aug 2017, at 13:40, Viktor Dukhovni <[email protected]> wrote:
> 
> 
>> On Aug 16, 2017, at 8:11 AM, Alef Veld <[email protected]> wrote:
>> 
>> 2. Why do i sometimes get a anonymous TLS connection.
> 
> Inbound SMTP email is "always" anonymous, as servers generally
> don't and should not request client certificates, and even if
> they did, clients wouldn't generally be configured to present
> such certificates.  See:
> 
>    http://www.postfix.org/FORWARD_SECRECY_README.html#status
> 
>> Aug 16 09:01:47 www postfix/smtpd[12706]: SSL_accept:SSLv3 flush data
> 
> Your log level is too high, set it to 1, and you'll get better
> performance, and fewer debugging messages that you find confusing.
> It may even be that with all debugging logging flooding the log
> server, some messages are getting lost.  Though in this case both
> the first connection:
> 
>> Aug 16 09:01:47 www postfix/smtpd[12706]: Anonymous TLS connection 
>> established from 
>> mail-oln040092068076.outbound.protection.outlook.com[40.92.68.76]: TLSv1.2 
>> with cipher AES256-SHA256 (256/256 bits)
>> 
>> And sometimes a regular TLS connection ? Same ip and same cipher as well.
> 
> (actually also anonymous, just a few extra lines you happened to cut/paste)
> 
>> Aug 16 09:01:47 www postfix/smtpd[12706]: initializing the server-side TLS 
>> engine
>> Aug 16 09:01:47 www postfix/smtpd[12706]: connect from 
>> mail-oln040092068076.outbound.protection.outlook.com[40.92.68.76]
>> Aug 16 09:01:47 www postfix/smtpd[12706]: setting up TLS connection from 
>> mail-oln040092068076.outbound.protection.outlook.com[40.92.68.76]
>> Aug 16 09:01:47 www postfix/smtpd[12706]: 
>> mail-oln040092068076.outbound.protection.outlook.com[40.92.68.76]: TLS 
>> cipher list "ALL:+RC4:@STRENGTH"
> 
> and the second connection:
> 
>> 
>> Aug 16 09:01:47 www postfix/smtpd[12706]: Anonymous TLS connection 
>> established from 
>> mail-oln040092068076.outbound.protection.outlook.com[40.92.68.76]: TLSv1.2 
>> with cipher AES256-SHA256 (256/256 bits)
> 
> are anonymous.  The above log entries are all for the same inbound
> TLS session.
> 
> -- 
>       Viktor.
>

Reply via email to