eric that is what is did. first stop .... wait for a minute and then start.
rajesh ----- Original Message ----- From: Eric Broch [mailto:ebr...@whitehorsetc.com] To: qmailtoaster-list@qmailtoaster.com Sent: Tue, 4 Apr 2017 08:35:13 -0600 Subject: There is a difference between restart and stop/start. Try a stop/start. On 4/4/2017 8:33 AM, Rajesh M wrote: > eric > > yes, i restarted qmail. > > rajesh > > ----- Original Message ----- > From: Eric Broch [mailto:ebr...@whitehorsetc.com] > To: qmailtoaster-list@qmailtoaster.com > Sent: Tue, 4 Apr 2017 06:14:59 -0600 > Subject: > > Rajesh, > > Did you (restart) > > # qmailctl restart > > or > > (stop/start) > > # qmailctl stop > > # qmailctl start > > ? > > Eric > > > On 4/4/2017 12:13 AM, Rajesh M wrote: >> eric >> >> here are the details >> >> [root@ns1 control]# openssl version >> OpenSSL 1.0.1e-fips 11 Feb 2013 >> >> [root@ns1 control]# openssl s_client -starttls smtp -no_ssl3 -no_ssl2 >> -cipher "AES256-SHA" -debug -msg -connect mx01.emas.dbschenker.com:25 >> CONNECTED(00000003) >> read from 0x1777e10 [0x17b9ae0] (4096 bytes => 75 (0x4B)) >> 0000 - 32 32 30 20 6d 74 61 31-31 2e 65 6d 61 73 2e 64 220 mta11.emas.d >> 0010 - 62 73 63 68 65 6e 6b 65-72 2e 63 6f 6d 20 45 53 bschenker.com ES >> 0020 - 4d 54 50 20 53 6d 74 70-64 3b 20 54 75 65 2c 20 MTP Smtpd; Tue, >> 0030 - 34 20 41 70 72 20 32 30-31 37 20 30 38 3a 31 32 4 Apr 2017 08:12 >> 0040 - 3a 33 30 20 2b 30 32 30-30 0d 0a :30 +0200.. >> write to 0x1777e10 [0x17baaf0] (25 bytes => 25 (0x19)) >> 0000 - 45 48 4c 4f 20 6f 70 65-6e 73 73 6c 2e 63 6c 69 EHLO openssl.cli >> 0010 - 65 6e 74 2e 6e 65 74 0d-0a ent.net.. >> read from 0x1777e10 [0x17b9ae0] (4096 bytes => 230 (0xE6)) >> 0000 - 32 35 30 2d 6d 74 61 31-31 2e 65 6d 61 73 2e 64 250-mta11.emas.d >> 0010 - 62 73 63 68 65 6e 6b 65-72 2e 63 6f 6d 20 48 65 bschenker.com He >> 0020 - 6c 6c 6f 20 6e 73 31 2e-61 61 61 6f 6e 6c 69 6e llo ns1.aaaonlin >> 0030 - 75 78 2e 63 6f 6d 20 5b-31 30 33 2e 32 34 31 2e ux.com [103.241. >> 0040 - 31 38 31 2e 31 33 37 5d-2c 20 70 6c 65 61 73 65 181.137], please >> 0050 - 64 20 74 6f 20 6d 65 65-74 20 79 6f 75 0d 0a 32 d to meet you..2 >> 0060 - 35 30 2d 45 4e 48 41 4e-43 45 44 53 54 41 54 55 50-ENHANCEDSTATU >> 0070 - 53 43 4f 44 45 53 0d 0a-32 35 30 2d 50 49 50 45 SCODES..250-PIPE >> 0080 - 4c 49 4e 49 4e 47 0d 0a-32 35 30 2d 38 42 49 54 LINING..250-8BIT >> 0090 - 4d 49 4d 45 0d 0a 32 35-30 2d 53 49 5a 45 20 32 MIME..250-SIZE 2 >> 00a0 - 36 32 31 34 34 30 30 0d-0a 32 35 30 2d 41 55 54 6214400..250-AUT >> 00b0 - 48 20 4c 4f 47 49 4e 20-50 4c 41 49 4e 0d 0a 32 H LOGIN PLAIN..2 >> 00c0 - 35 30 2d 53 54 41 52 54-54 4c 53 0d 0a 32 35 30 50-STARTTLS..250 >> 00d0 - 2d 44 45 4c 49 56 45 52-42 59 0d 0a 32 35 30 20 -DELIVERBY..250 >> 00e0 - 48 45 4c 50 0d 0a HELP.. >> write to 0x1777e10 [0x7ffd0b0c4880] (10 bytes => 10 (0xA)) >> 0000 - 53 54 41 52 54 54 4c 53-0d 0a STARTTLS.. >> read from 0x1777e10 [0x16aad00] (8192 bytes => 30 (0x1E)) >> 0000 - 32 32 30 20 32 2e 30 2e-30 20 52 65 61 64 79 20 220 2.0.0 Ready >> 0010 - 74 6f 20 73 74 61 72 74-20 54 4c 53 0d 0a to start TLS.. >> write to 0x1777e10 [0x17b9ae0] (99 bytes => 99 (0x63)) >> 0000 - 16 03 01 00 5e 01 00 00-5a 03 03 58 e3 38 52 5c ....^...Z..X.8R\ >> 0010 - d3 37 8b 23 86 92 e6 63-2f e7 dd f9 ed 42 df 2b .7.#...c/....B.+ >> 0020 - 45 51 06 1e f2 f3 38 b1-36 c7 d4 00 00 04 00 35 EQ....8.6......5 >> 0030 - 00 ff 01 00 00 2d 00 23-00 00 00 0d 00 20 00 1e .....-.#..... .. >> 0040 - 06 01 06 02 06 03 05 01-05 02 05 03 04 01 04 02 ................ >> 0050 - 04 03 03 01 03 02 03 03-02 01 02 02 02 03 00 0f ................ >> 0060 - 00 01 01 ... >>>>> TLS 1.2 Handshake [length 005e], ClientHello >> 01 00 00 5a 03 03 58 e3 38 52 5c d3 37 8b 23 86 >> 92 e6 63 2f e7 dd f9 ed 42 df 2b 45 51 06 1e f2 >> f3 38 b1 36 c7 d4 00 00 04 00 35 00 ff 01 00 00 >> 2d 00 23 00 00 00 0d 00 20 00 1e 06 01 06 02 06 >> 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 03 >> 02 03 03 02 01 02 02 02 03 00 0f 00 01 01 >> >> >> thank you, >> rajesh >> >> ----- Original Message ----- >> From: Eric Broch [mailto:ebr...@whitehorsetc.com] >> To: qmailtoaster-list@qmailtoaster.com >> Sent: Tue, 4 Apr 2017 00:09:04 -0600 >> Subject: >> >> Also run command with -debug and -msg options in red below. >> >> # openssl s_client -starttls smtp -no_ssl3 -no_ssl2 -cipher >> "AES256-SHA" -debug -msg -connect mx01.emas.dbschenker.com:25 >> >> >> On 4/4/2017 12:03 AM, Eric Broch wrote: >>> Rajesh, >>> >>> Please disregard my last question (Does it connect and get full cert >>> details if you use IP address?). >>> >>> "here too, the issue is server side. My mail server is not able to >>> connect to the mail server of hpe.com and send the emails of my clients" >>> >>> Your server is acting as a client in this case by initiating a TLS >>> connection to the domains in question...to deliver mail, correct? Do >>> you have settings in one of your control files to initiate TLS >>> connections with certain domains? >>> >>> "openssl s_client -starttls smtp -no_ssl3 -no_ssl2 -cipher >>> "AES256-SHA" -connect mx01.emas.dbschenker.com:25" >>> >>> This command works from my COS6 and COS7 hosts. So I don't think it's >>> on their end. >>> >>> which openssl version are you running? >>> >>> Eric >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Eric Broch, IMSO, DAM, NGOO, DITH, URTS White Horse Technical Consulting (WHTC)
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com