I have a very old install of ASSPv2 "2.3.4(13136)" running on Debian GNU/Linux 6.0.3 (squeeze).
This is for our Zimbra mail server that is also outdated, running on Ubuntu 10.04 64bit. I'd like to update the mail server, but won't attempt it until I get the ASSP2 issues resolved. When building another VM to house the upgraded ASSP and putting it into place, I get attachment corruption. Following the logs on the Zimbra side, I see a change in what is being used for the SSL cipher. It goes from the normal: postfix/smtpd[12152]: Anonymous TLS connection established from assp.inet[10.0.0.10]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) To: postfix/smtpd[11502]: Anonymous TLS connection established from assp.inet[10.0.0.10]: TLSv1 with cipher AES128-SHA (128/128 bits) So, Reviewing a previous post from Thomas http://sourceforge.net/p/assp/mailman/message/31259064/ I started playing around with the cipher options on ASSP. I forced: AES256:SHA256:RC4-SHA:HIGH:!ADH Now my logs on the Zimbra server so AES256 and I no longer have attachment corruption, but I now am experiencing two different issues. 1.) Sending test email from Seamonkey, I may have to hit send a couple times before it goes. 2.) I'm seeing the below logs in my Zimbra server: postfix/smtpd[22112]: warning: TLS library problem: 22112:error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac:s3_pkt.c:1199:SSL alert number 20 Would this be because I'm missing a required cipher? Any suggestions would be appreciated. Doug ------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
