Adam D. Barratt via Exim-users <exim-users@exim.org> (Sa 16 Okt 2021 17:43:57 CEST): > > > > This hh.schlittermann.de runs the latest Exim, and probaby sends you > > an SNI your server for some reason doesn't accept? > > FWIW, I've also seen two of these, at 23:53:41UTC yesterday and > 11:08:41UTC today. The server in question is running Debian's 4.92- > 8+deb10u6 exim4-daemon-heavy package and has "tls_sni" set in the log > selector. > > The log entries for the second failed connection are: > > 2021-10-16 11:08:40 SMTP connection from [213.128.132.49] (TCP/IP connection > count = 1) > 2021-10-16 11:08:41 TLS error on connection from hh.schlittermann.de > [213.128.132.49] (gnutls_handshake): A disallowed SNI server name has been > received. > 2021-10-16 11:08:41 SMTP connection from hh.schlittermann.de [213.128.132.49] > closed by EOF > 2021-10-16 11:08:41 no MAIL in SMTP connection from hh.schlittermann.de > [213.128.132.49] D=0s C=EHLO,STARTTLS > > The same server has received 21 successful connections from > hh.schlittermann.de in the past couple of days.
Interesting. Can you tell *what* SNI the server hh sent?
That's what the hh server uses as the transport:
remote_smtp:
driver = smtp
tls_sni = $host
dnssec_request_domains = *
hosts_try_dane = *
hosts_require_dane = +require_dane
hosts_try_fastopen =
So, it sends you *your* hostname as an SNI.
--
Heiko
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
