Hello
Please help me out with the following error. It's a not very old DVR
equipment sending notification emails on submission with TLS.
Before (with Centos 7 and postfix 3.6) was working, but now, with rocky
8 and postfix 3.10-20240310.
postfix/submission/smtpd[1341984]: initializing the server-side TLS engine
postfix/submission/smtpd[1341984]: connect from unknown[x.x.x.x]
postfix/submission/smtpd[1341984]: setting up TLS connection from
unknown[x.x.x.x]
postfix/submission/smtpd[1341984]: unknown[x.x.x.x]: TLS cipher list
"aNULL:-aNULL:HIGH:MEDIUM:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:+RC4:@STRENGTH"
postfix/submission/smtpd[1341984]: SSL_accept:before SSL initialization
postfix/submission/smtpd[1341984]: read from 55BE67365B00 [55BE67426AB3]
(5 bytes => -1 (0xFFFFFFFFFFFFFFFF))
postfix/submission/smtpd[1341984]: read from 55BE67365B00 [55BE67426AB3]
(5 bytes => 5 (0x5))
postfix/submission/smtpd[1341984]: 0000 16 03 01 00
96 .....
postfix/submission/smtpd[1341984]: read from 55BE67365B00 [55BE67426AB8]
(150 bytes => 150 (0x96))
postfix/submission/smtpd[1341984]: 0000 01 00 00 92 03 03 dc 27|9c 04 2a
57 91 c4 fd 9f .......' ..*W....
postfix/submission/smtpd[1341984]: 0010 e1 a0 af ef 17 62 d4 b3|10 0c c8
58 f3 3e 71 4b .....b.. ...X.>qK
postfix/submission/smtpd[1341984]: 0020 a1 40 a2 87 21 36 00 00|4a 00 a5
00 a3 00 a1 00 .@..!6.. J.......
postfix/submission/smtpd[1341984]: 0030 9f 00 6b 00 6a 00 69 00|68 00 39
00 38 00 37 00 ..k.j.i. h.9.8.7.
postfix/submission/smtpd[1341984]: 0040 36 00 9d 00 3d 00 35 00|a4 00 a2
00 a0 00 9e 00 6...=.5. ........
postfix/submission/smtpd[1341984]: 0050 67 00 40 00 3f 00 3e 00|33 00 32
00 31 00 30 00 g.@.?.>. 3.2.1.0.
postfix/submission/smtpd[1341984]: 0060 9c 00 3c 00 2f 00 16 00|13 00 10
00 0d 00 0a 00 ..<./... ........
postfix/submission/smtpd[1341984]: 0070 ff 56 00 01 00 00 1f 00|0d 00 16
00 14 06 01 06 .V...... ........
postfix/submission/smtpd[1341984]: 0080 02 05 01 05 02 04 01 04|02 03 01
03 02 02 01 02 ........ ........
postfix/submission/smtpd[1341984]: 0090 02 00 0f 00 01
01 ......
postfix/submission/smtpd[1341984]: SSL_accept:before SSL initialization
postfix/submission/smtpd[1341984]: write to 55BE67365B00 [55BE6742EC70]
(7 bytes => 7 (0x7))
postfix/submission/smtpd[1341984]: 0000 15 03 03 00 02 02
56 ......V
postfix/submission/smtpd[1341984]: SSL3 alert write:fatal:unknown
postfix/submission/smtpd[1341984]: SSL_accept:error in error
postfix/submission/smtpd[1341984]: SSL_accept error from
unknown[x.x.x.x]: -1
postfix/submission/smtpd[1341984]: warning: TLS library problem:
error:14209175:SSL
routines:tls_early_post_process_client_hello:inappropriate
fallback:ssl/statem/statem_srvr.c:1767:
postfix/submission/smtpd[1341984]: lost connection after STARTTLS from
unknown[x.x.x.x]
postfix/submission/smtpd[1341984]: disconnect from unknown[x.x.x.x]
ehlo=1 starttls=0/1 commands=1/2
# postconf -n | grep smtpd_tls
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_security_level = may
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_security_options=noanonymous
-o smtpd_tls_auth_only=yes
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o smtpd_reject_unlisted_recipient=no
-o smtpd_peername_lookup=no
-o milter_macro_daemon_name=ORIGINATING
Thank you
Levi
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org