Hello!

I hope Amazon SES is "supported" by courier.

0) courier 0.73.1-1.6 libssl 1.0.1t-1+deb8u6

1) SES requires STARTTLS, so without /SECURITY=REQUIRED
SES says: 530 Must issue a STARTTLS command first

2) TLS_VERIFYPEER=NONE in courierd

3) openssl s_client -connect email-smtp.us-west-2.amazonaws.com:587 -starttls smtp -crlf
says:

subject=/C=US/ST=Washington/L=Seattle/O=Amazon.com, Inc./CN=email-smtp.us-west-2.amazonaws.com
issuer=/C=US/O=Symantec Corporation/OU=Symantec Trust Network/CN=Symantec Class 3 Secure Server CA - G4

Verify return code: 0 (ok)

4) ECDHE-RSA-AES256-GCM-SHA384 is used during s_client; it is in TLS_CIPHER_LIST

5) in esmtproutes:
: email-smtp.us-west-2.amazonaws.com,587 /SECURITY=REQUIRED

6) telnet email-smtp.us-west-2.amazonaws.com 587
220 email-smtp.amazonaws.com ESMTP SimpleEmailService-1868680227 MmKC14V2dPS1oRPRtSjF

Courier says: /SECURITY=REQUIRED set, but TLS is not available
Could it be that Courier compares the SMTP banner (email-smtp.amazonaws.com) to the certificate CN, not the specified host name (email-smtp.us-west-2.amazonaws.com)?

Thank you!



SZÉPE Viktor
https://github.com/szepeviktor/debian-server-tools/blob/master/CV.md
-- 
+36-20-4242498  s...@szepe.net  skype: szepe.viktor
Budapest, III. kerület
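
An added example, not part of the original message and not Courier's own code: an offline check that separates the two possible causes raised above, STARTTLS not being advertised after EHLO versus a certificate name that matches only one of the two host names. The host name and banner are the ones quoted in the message; the EHLO reply and the certificate name list are constructed sample data, and all function names are hypothetical.

```python
import re

def banner_host(banner: str) -> str:
    """Host name the server announces in its 220 greeting."""
    m = re.match(r"220[ -](\S+)", banner)
    return m.group(1).lower() if m else ""

def offers_starttls(ehlo_reply: str) -> bool:
    """True if any 250 line of the EHLO reply advertises STARTTLS."""
    for line in ehlo_reply.splitlines():
        m = re.match(r"250[ -](\S+)", line.strip())
        if m and m.group(1).upper() == "STARTTLS":
            return True
    return False

def name_matches(pattern: str, host: str) -> bool:
    """RFC 6125 style match: '*' only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def diagnose(configured_host, banner, ehlo_reply, cert_names):
    """Report STARTTLS availability, then the name check per reference name."""
    if not offers_starttls(ehlo_reply):
        return {"starttls": False, "configured": None, "banner": None}
    match = lambda ref: any(name_matches(n, ref) for n in cert_names)
    return {"starttls": True,
            "configured": match(configured_host),      # name from esmtproutes
            "banner": match(banner_host(banner))}      # name from the greeting

# Values quoted in the message above.
HOST = "email-smtp.us-west-2.amazonaws.com"
BANNER = ("220 email-smtp.amazonaws.com ESMTP "
          "SimpleEmailService-1868680227 MmKC14V2dPS1oRPRtSjF")
# Constructed sample data, not captured from the server.
EHLO_REPLY = "250-email-smtp.amazonaws.com\r\n250-8BITMIME\r\n250-STARTTLS\r\n250 Ok\r\n"
CERT_NAMES = [HOST]  # the CN shown by s_client; any SAN entries are not known

if __name__ == "__main__":
    print(diagnose(HOST, BANNER, EHLO_REPLY, CERT_NAMES))
```

With these inputs the certificate matches the configured host name but not the banner name, so a client that verified against the banner would reject the certificate; a reply without a STARTTLS line is reported separately, before any name check.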




