Re: [openssl-users] Unable to STARTTLS behind a specific network

2016-12-23 Thread Hoggins!
Yes, confirmed here ! Le 22/12/2016 à 15:24, Salz, Rich a écrit : > Errno104 is usually "connection reset by peer" which means that the other > side said "go away" Both parties receive an RST from "the middle" as shown in the tcpdump captures (output1 from client, output0 from server). Now I

Re: [openssl-users] Unable to STARTTLS behind a specific network

2016-12-23 Thread Hoggins!
Hello all, Thank you for your help ! Le 22/12/2016 à 17:58, Viktor Dukhovni a écrit : >> On Dec 22, 2016, at 5:30 AM, Hoggins! wrote: >> >> So what I do is : >> >>$ openssl s_client -starttls smtp -crlf -connect newdude.radiom.fr:5000 > This (well essentially this, but

Re: [openssl-users] Unable to STARTTLS behind a specific network

2016-12-22 Thread Viktor Dukhovni
> On Dec 22, 2016, at 5:30 AM, Hoggins! wrote: > > So what I do is : > >$ openssl s_client -starttls smtp -crlf -connect newdude.radiom.fr:5000 This (well essentially this, but with the Postfix "posttls-finger" utility) works for me from my MTA host: $

Re: [openssl-users] Unable to STARTTLS behind a specific network

2016-12-22 Thread Salz, Rich
> Well, the fact that it fails is confirmation :) > > > But behind that specific network, if I run the same command, all I get is : > > > > CONNECTED(0003) > > write:errno=104 > > Most likely there is a middlebox filtering traffic and closing the connection. > Try an older protocol

Re: [openssl-users] Unable to STARTTLS behind a specific network

2016-12-22 Thread Salz, Rich
Well, the fact that it fails is confirmation :) > But behind that specific network, if I run the same command, all I get is : > > CONNECTED(0003) > write:errno=104 Most likely there is a middlebox filtering traffic and closing the connection. Try an older protocol version, like