i'm using STARTLS but i put it inside of qmail MTA i also use ssl for courier imapd and i'm on xp
----- Original Message ----- From: "Greg Owen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, March 01, 2002 4:13 PM Subject: [courier-users] Tinfoil: XP blocking STARTTLS? > > Upgrade to latest Win XP seems to block STARTTLS in the TCP stack - looking > for confirmation from other Courier users w/STARTTLS enabled? > > (I realize this borders on off-topic, but I'm questioning my sanity here and > need help...) > > Two recently installed + "windowsupdate"ed machines, one XP Home, one XP > Pro, both running OE6, start returning errors when trying to send mail with > SSL enabled (STARTTLS over port 25). Errors occur either with OE (as > logged in ->->Maintenance->Smtp log) or by hand using 'telnet'. > > Here's the crazy thing: the response is "500 Unsupported command." - that > response is NOWHERE in Courier. And the problem occurs if you use 'telnet' > to connect by hand, as follows: > > 220 h00a0c9056d78.ne.mediaone.net ESMTP > helo localhost > 250-h00a0c9056d78.ne.mediaone.net Ok. > 250-AUTH LOGIN CRAM-MD5 > 250-AUTH=LOGIN CRAM-MD5 X-NETSCAPE-HAS-BUGS > 250-STARTTLS > 250-XVERP=Courier > 250-XEXDATA > 250-XSECURITY=NONE,STARTTLS > 250-PIPELINING > 250-8BITMIME > 250-SIZE > 250 DSN > starttls > 500 Unsupported command. > quit > 221 Closing connection. Good bye. > > Here's the really, really weird thing: If you sniff the above transaction > with TCPdump, the "starttls" entered by the client doesn't transmit! The > first packet is the end of the server response to the "helo", the second > packet is the client's ack, and then the next packet we see is the client > "quit!" > > 03/01-16:12:18.181375 24.61.51.12:25 -> 10.0.0.172:2374 > TCP TTL:47 TOS:0x0 ID:63311 IpLen:20 DgmLen:150 DF > ***AP*** Seq: 0x62D7BAA6 Ack: 0xEA7327F7 Win: 0x16D0 TcpLen: 20 > 0x0000: 00 04 76 4D BE 8A 00 04 DD FC 66 81 08 00 45 00 ..vM......f...E. > 0x0010: 00 96 F7 4F 40 00 2F 06 FE 1D 18 3D 33 0C 0A 00 ...O@./....=3... > 0x0020: 00 AC 00 19 09 46 62 D7 BA A6 EA 73 27 F7 50 18 .....Fb....s'.P. > 0x0030: 16 D0 9C C1 00 00 32 35 30 2D 58 56 45 52 50 3D ......250-XVERP= > 0x0040: 43 6F 75 72 69 65 72 0D 0A 32 35 30 2D 58 45 58 Courier..250-XEX > 0x0050: 44 41 54 41 0D 0A 32 35 30 2D 58 53 45 43 55 52 DATA..250-XSECUR > 0x0060: 49 54 59 3D 4E 4F 4E 45 2C 53 54 41 52 54 54 4C ITY=NONE,STARTTL > 0x0070: 53 0D 0A 32 35 30 2D 50 49 50 45 4C 49 4E 49 4E S..250-PIPELININ > 0x0080: 47 0D 0A 32 35 30 2D 38 42 49 54 4D 49 4D 45 0D G..250-8BITMIME. > 0x0090: 0A 32 35 30 2D 53 49 5A 45 0D 0A 32 35 30 20 44 .250-SIZE..250 D > 0x00A0: 53 4E 0D 0A SN.. > > =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ > > 03/01-16:12:18.348918 10.0.0.172:2374 -> 24.61.51.12:25 > TCP TTL:128 TOS:0x0 ID:27678 IpLen:20 DgmLen:40 DF > ***A**** Seq: 0xEA7327F7 Ack: 0x62D7BB14 Win: 0xFC4A TcpLen: 20 > 0x0000: 00 04 DD FC 66 81 00 04 76 4D BE 8A 08 00 45 00 ....f...vM....E. > 0x0010: 00 28 6C 1E 40 00 80 06 38 BD 0A 00 00 AC 18 3D .([email protected]......= > 0x0020: 33 0C 09 46 00 19 EA 73 27 F7 62 D7 BB 14 50 10 3..F...s'.b...P. > 0x0030: FC 4A 23 DF 00 00 00 00 00 00 00 00 .J#......... > > =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ > > 03/01-16:12:21.151326 10.0.0.172:2374 -> 24.61.51.12:25 > TCP TTL:128 TOS:0x0 ID:27713 IpLen:20 DgmLen:46 DF > ***AP*** Seq: 0xEA7327F7 Ack: 0x62D7BB14 Win: 0xFC4A TcpLen: 20 > 0x0000: 00 04 DD FC 66 81 00 04 76 4D BE 8A 08 00 45 00 ....f...vM....E. > 0x0010: 00 2E 6C 41 40 00 80 06 38 94 0A 00 00 AC 18 3D [email protected]......= > 0x0020: 33 0C 09 46 00 19 EA 73 27 F7 62 D7 BB 14 50 18 3..F...s'.b...P. > 0x0030: FC 4A 7C 1D 00 00 51 55 49 54 0D 0A .J|...QUIT.. > > =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ > > > I know this sounds like a conspiracy theory, but it's almost as if the XP > TCP stack is blocking STARTTLS initiation. Is there anyone else on the list > with XP installed and and STARTTLS on their server that they can test this? > When it was just my wife's machine I assumed it was user error - now that > mine is doing it too, the problem is serious! > > > > -- > gowen -- Greg Owen -- [EMAIL PROTECTED] > 79A7 4063 96B6 9974 86CA 3BEF 521C 860F 5A93 D66D > > _______________________________________________ > courier-users mailing list > [EMAIL PROTECTED] > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users > _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
