Hi, This is getting curiouser and curiouser. I decided to outsmart things, and put a stunnel infront of SMTP listening on 465, talking to 25. Genius, huh? Yea, not totally.
So I configured it to forward 465 to 25, started my openssl s_client and..... EXACT SAME ISSUES!!! What the bloody heck!? I even changed out the LetsEncrypt cert for a ZeroSSL one, same issue. I'm running libssl.so.1.0.2k with Amazon patches. Not sure where to go at this point.. Tuc On Tue, Sep 22, 2020 at 9:39 PM Scott Ellentuch <tuct...@gmail.com> wrote: > Hi, > > Thanks for the reply. These were the versions available on the OS I was > using (Amazon Linux 1). > > I decided to move over to CentOS 7, postfix 2.10. dovecot-2.2.36 and > cyrus-sasl-lib-2.1.26 > . I realize this isn't the absolute latest of everything, but again, the > closest I could get with RPMs right now. > > And, exactly the same behaviour. 25/587 is fine. 25+STARTTLS/465 either > RENEGOTIATES SSL or immediately says DONE > > I also spun up Centos 8 which gave me postfix-3.3.1, dovecot-2.3.8 and > cyrus-sasl-lib-2.1.27. > > And, exactly the same behaviour. 25/587 is fine. 25+STARTTLS/465 either > RENEGOTIATES SSL or immediately says DONE > > I really need to get this going, any thoughts? > > Tnx, Tuc > > > On Tue, Sep 22, 2020 at 12:12 AM Quanah Gibson-Mount <qua...@symas.com> > wrote: > >> >> >> --On Monday, September 21, 2020 2:40 PM -0400 Scott Ellentuch >> <tuct...@gmail.com> wrote: >> >> > I'm using sendmail 8.14.4 and Sasl 2.1.23 . Config info >> >> Cyrus-SASL 2.1.23 released on 4/27/2009, over 11 years ago. >> >> You may want to see if the behavior your describing is addressed by any >> of >> the years of fixes since then as noted in >> <https://raw.githubusercontent.com/cyrusimap/cyrus-sasl/master/ChangeLog> >> >> Regards, >> Quanah >> >> -- >> >> Quanah Gibson-Mount >> Product Architect >> Symas Corporation >> Packaged, certified, and supported LDAP solutions powered by OpenLDAP: >> <http://www.symas.com> >> >
