On Tue, May 21, 2013 at 10:52:32PM +0000, Viktor Dukhovni wrote:
> posttls-finger: Connected to mail.ietf.org[2001:1890:123a::1:1e]:25
> posttls-finger: < 220 ietfa.amsl.com ESMTP Postfix
> posttls-finger: > EHLO amnesiac.local
> posttls-finger: < 250-ietfa.amsl.com
> posttls-finger: < 250-PIPELINING
> posttls-finger: < 250-SIZE 67108864
> posttls-finger: < 250-ETRN
> posttls-finger: < 250-AUTH LOGIN PLAIN
> posttls-finger: < 250-AUTH=LOGIN PLAIN
> posttls-finger: < 250-ENHANCEDSTATUSCODES
> posttls-finger: < 250-8BITMIME
> posttls-finger: < 250 DSN
> posttls-finger: > QUIT
> posttls-finger: < 221 2.0.0 Bye
>
> For some reason this MX host supports SASL (more suitable for an
> MSA, where one would also want TLS for PLAIN or LOGIN), but not
> TLS which is appropriate for an inbound MX.
FWIW, AMS (aka amsl.com) are no strangers to SMTP + STARTTLS:
$ posttls-finger amsl.com
posttls-finger: Connected to mail.amsl.com[64.170.98.20]:25
posttls-finger: < 220 c8a.amsl.com ESMTP Postfix
posttls-finger: > EHLO amnesiac.localhost
posttls-finger: < 250-c8a.amsl.com
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-SIZE 67108864
posttls-finger: < 250-ETRN
posttls-finger: < 250-STARTTLS
posttls-finger: < 250-AUTH PLAIN LOGIN
posttls-finger: < 250-AUTH=PLAIN LOGIN
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250-8BITMIME
posttls-finger: < 250 DSN
posttls-finger: > STARTTLS
posttls-finger: < 220 2.0.0 Ready to start TLS
posttls-finger: mail.amsl.com[64.170.98.20]:25 CommonName smtp.amsl.com
posttls-finger: certificate verification failed for
mail.amsl.com[64.170.98.20]:25: self-signed certificate
posttls-finger: mail.amsl.com[64.170.98.20]:25: subject_CN=smtp.amsl.com,
issuer_CN=smtp.amsl.com,
fingerprint=A8:39:D3:5D:90:65:96:D4:BB:DB:0A:E5:F9:C8:0E:14:99:15:7D:6C,
pkey_fingerprint=0F:E2:FB:2F:A6:AA:69:3B:B6:4A:A3:40:6B:FD:2D:09:95:03:74:38
posttls-finger: Untrusted TLS connection established to
mail.amsl.com[64.170.98.20]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384
(256/256 bits)
posttls-finger: > EHLO amnesiac.localhost
posttls-finger: < 250-c8a.amsl.com
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-SIZE 67108864
posttls-finger: < 250-ETRN
posttls-finger: < 250-AUTH PLAIN LOGIN
posttls-finger: < 250-AUTH=PLAIN LOGIN
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250-8BITMIME
posttls-finger: < 250 DSN
posttls-finger: > QUIT
posttls-finger: < 221 2.0.0 Bye
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane