Greg Earle writes:
I'm running Courier 0.45.6 on Solaris 9. I was investigating a problem
sending mail out from home through my work server using port 465, thus
talking to "esmtpd-ssl" on the work/Courier side.
What I found was that "esmtpd-ssl" was getting told that my sending
address was in SORBS as a dynamic address. But instead of reporting
it via "syslog" like "courieresmtpd" does:
Jul 27 12:44:27 courieratwork courieresmtpd: [ID 702911 mail.error]
error,relay=::ffff:218.63.92.101,from=<[EMAIL PROTECTED] mailserver.com>,
to=<[EMAIL PROTECTED]>: 511 Dynamic IP Address See:
http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=218.63.92.101
I get nothing in the logs, and "couriertls" gets fired up instead.
couriertls is always started. This error does not come from couriertcpd,
but from courieresmtpd. couriertcpd only checks if the IP address is listed.
It does not reject the connection. The IP address's status is saved in an
environment variable, and courieresmtpd then refuses all mail because of that.
OK ... but why doesn't it log the same message the "regular" port 25 invocation of "courieresmtpd" does? Given that it's the same binary with just different option arguments, I'm a bit baffled by that ...
"couriertls" accesses my server certificate, sleeps a bit, and then emits
DEBUG: Unexpected SSL connection shutdown.
and goes back to sleep in poll().
See what happens when you do this:
addcr | TLS_VERIFYPEER=NONE couriertls -host=hostname -port=465
courieratwork:1:260 [/] # ( setenv TLS_VERIFYPEER NONE ; addcr | couriertls \
-host=localhost -port=465 )
220 courieratwork.My.Do.Main ESMTP
Then it just sits there. After 10 minutes or so, it times out and returns
to the command prompt. If I run it again and feed it an EHLO, I get back:
220 courieratwork.My.Do.Main ESMTP
EHLO courieratwork.My.Do.Main
250-courieratwork.My.Do.Main Ok.
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN X-NETSCAPE-HAS-BUGS
250-XVERP=Courier
250-XEXDATA
250-XSECURITY=NONE,STARTTLS
250-PIPELINING
250-8BITMIME
250-SIZE
250 DSN
My "esmtpd-ssl" file contains (at the moment)
prefix=/opt/courier
exec_prefix=/opt/courier
BOFHCHECKDNS=1
BOFHNOEXPN=0
BOFHNOVRFY=0
NOADDMSGID=1
NOADDDATE=1
AUTH_REQUIRED=0
BLACKLISTS=""
SSLPORT=465
SSLADDRESS=0
SSLPIDFILE=/opt/courier/var/tmp/esmtpd-ssl.pid
ESMTPDSSLSTART=YES
COURIERTLS=/opt/courier/bin/couriertls
TLS_PROTOCOL=TLS1 [Has also been set to "SSLv3" - Ed.]
TLS_CERTFILE=/opt/openssl/certs/courieratwork.pem
TLS_VERIFYPEER=NONE
MAXDAEMONS=40
MAXPERC=5
MAXPERIP=5
What I'm finding is that when I try to send out on port 465 from Entourage,
I see 3 packets go back and forth on that port (465), then an AUTH (identd)
packet gets sent from the server to my home machine (I'm not running identd
so it RSTs back), and then ... nothing. I've tried changing the settings
in etc/esmtpd-ssl (and then restarting Courier) to no avail. Eventually
the connection times out, of course.
In the meantime, I've fallen back to using SSL with user authentication
on port 25, as that seems to work. My co-worker, however, uses Entourage X
and reports the exact opposite - that setting his outgoing SMTP preferences
to use port 25 doesn't work, but using port 465 does (modulo a diagnostic
error message he gets). Go figure.
- Greg
_______________________________________________
courier-users mailing list
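The two-stage flow described in the thread (the listener only looks the address up and records the result in an environment variable; the SMTP daemon later refuses mail because of it) can be modelled as below. This is an added example, not Courier's code: the function names, the zone "dnsbl.example", the resolver table and the variable names BLOCK and TCPREMOTEIP are assumptions for illustration, and the log format only imitates the line quoted in the message.

```python
import ipaddress

ZONE = "dnsbl.example"  # hypothetical DNSBL zone
# Constructed stand-in for DNS: query name -> rejection text (absent = not listed)
LISTED = {"101.92.63.218.dnsbl.example": "511 Dynamic IP Address"}

def dnsbl_query_name(peer, zone):
    """Reverse the IPv4 octets and append the zone; unwrap ::ffff:a.b.c.d."""
    ip = ipaddress.ip_address(peer)
    if ip.version == 6:
        if ip.ipv4_mapped is None:
            raise ValueError("no IPv4 form for " + peer)
        ip = ip.ipv4_mapped
    return ".".join(reversed(str(ip).split("."))) + "." + zone

def tcp_stage(peer, zone, resolver, env):
    """Listener: record the lookup result, but always accept the connection."""
    env["TCPREMOTEIP"] = peer
    message = resolver.get(dnsbl_query_name(peer, zone))
    if message is not None:
        env["BLOCK"] = message  # assumed variable name
    return env

def smtp_stage(env, sender, recipient, log):
    """SMTP daemon: the banner was already sent; refuse mail if marked."""
    block = env.get("BLOCK")
    if block:
        # The rejection is logged here, not in the listener stage.
        log.append("error,relay=%s,from=<%s>,to=<%s>: %s"
                   % (env["TCPREMOTEIP"], sender, recipient, block))
        return block
    return "250 Ok."

def demo():
    """Run one listed and one unlisted peer through both stages."""
    log = []
    listed = tcp_stage("::ffff:218.63.92.101", ZONE, LISTED, {})
    clean = tcp_stage("192.0.2.10", ZONE, LISTED, {})
    replies = [smtp_stage(listed, "a@example.org", "b@example.org", log),
               smtp_stage(clean, "a@example.org", "b@example.org", log)]
    return replies, log

if __name__ == "__main__":
    print(demo())
```

Because the refusal happens only in the second stage, a listed client still gets a TCP connection, a TLS handshake and a 220 banner, so the place to look for the rejection record is the SMTP daemon's log output.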
