On Saturday 19 Dec 2015 10:31:09 jens wefer wrote:
> On Mon, 14 Dec 2015 08:50:29 +0100, jens wefer <[email protected]> wrote:
> > On Sat, 12 Dec 2015 23:09:20 +0100, jens wefer <[email protected]> wrote:
> > > On Sat, 12 Dec 2015 17:53:04 +0000, Stroller <[email protected]> wrote:
> > > > > On Sat, 12 December 2015, at 3:08 a.m., jens wefer
> > > > > <[email protected]> wrote:
> > > > > 
> > > > > I set up a mail server, postfix/dovecot, ssl required.
> > > > > test with mail-client, all ok
> > > > > when I try to copy mails with imapsync (gentoo) comes timeout,
> > > > > and imapsync will login again.
> > > > > with each new login, a new process imap-login is generated.
> > > > 
> > > > Sorry if this is a dumb question, but how do you know it's timing
> > > > out?
> > > > 
> > > > Could it just be slow, as it has to compile loads of messages in
> > > > its first run?
> > > > 
> > > > Looks like dovecot has a 30 minute timeout. [1]
> > > > 
> > > > An old message on the Dovecot mailing list [2] suggests to set
> > > > "verbose_proctitle = yes" in config to see why each process is
> > > > open.
> > > > 
> > > > It also suggests using high-performance mode, rather than the
> > > > default.
> > > > 
> > > > Stroller.
> > > 
> > > timeout comes from imapsync (default timeout 120 sec).
> > > after 10 minutes then running 5 Dovecot processes which want 100%
> > > CPU time. mail logfile:
> > > imap-login: Login: user = .... blablub, TLS ession, ..
> > 
> > I think that's a problem with perl.
> > When I send an email with sendEmail comes SSLv3 alert handshake
> > failure. if I use a newer sendEmail version (1.56.5) comes
> > Segmentation fault. when I start sendEmail on CentOS is everything ok.
> 
> I send emails with email-client and sendEmail (win/centos).
> mail.log
> [...]: initializing the server-side TLS engine
> [...]: connect from brumw.lxsbbshome.tld[192.168.0.15]
> [...]: setting up TLS connection from brumw.lxsbbshome.tld[192.168.0.15]
> [...]: brumw.lxsbbshome.tld[192.168.0.15]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
> [...]: SSL_accept:before/accept initialization
> [...]: SSL_accept:SSLv3 read client hello A
> [...]: SSL_accept:SSLv3 write server hello A
> [...]: SSL_accept:SSLv3 write certificate A
> [...]: SSL_accept:SSLv3 write server done A
> [...]: SSL_accept:SSLv3 flush data
> [...]: SSL_accept:SSLv3 read client certificate A
> [...]: SSL_accept:SSLv3 read client key exchange A
> [...]: SSL_accept:SSLv3 read certificate verify A
> [...]: SSL_accept:SSLv3 read finished A
> [...]: brumw.lxsbbshome.tld[192.168.0.15]: Issuing session ticket, key expiration: 1450478594
> [...]: SSL_accept:SSLv3 write session ticket A
> [...]: SSL_accept:SSLv3 write change cipher spec A
> [...]: SSL_accept:SSLv3 write finished A
> [...]: SSL_accept:SSLv3 flush data
> [...]: Anonymous TLS connection established from brumw.lxsbbshome.tld[192.168.0.15]: TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)
> [...]: AFC46282149: client=brumw.lxsbbshome.tld[192.168.0.15]
> 
> when I send email with sendEmail from gentoo-client it comes handshake error
> mail.log
> [...]: initializing the server-side TLS engine
> [...]: connect from robin.lxsbbshome.tld[192.168.0.17]
> [...]: setting up TLS connection from robin.lxsbbshome.tld[192.168.0.17]
> [...]: robin.lxsbbshome.tld[192.168.0.17]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
> [...]: SSL_accept:before/accept initialization
> [...]: SSL3 alert write:fatal:handshake failure
> [...]: SSL_accept:error in error
> [...]: SSL_accept:error in error
> [...]: SSL_accept error from robin.lxsbbshome.tld[192.168.0.17]: -1
> [...]: warning: TLS library problem: error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number:s3_srvr.c:960:
> [...]: lost connection after STARTTLS from robin.lxsbbshome.tld[192.168.0.17]
> [...]: disconnect from robin.lxsbbshome.tld[192.168.0.17] ehlo=1 starttls=0/1 commands=1/2
> 
> sendEmail.log
> [...]: DEBUG => Connecting to rosalie.lxsbbshome.tld:25
> [...]: DEBUG => My IP address is: 192.168.0.17
> [...]: DEBUG => evalSMTPresponse() - Checking for SMTP success or error status in the message: 220 rosalie.lxsbbshome.tld ESMTP Postfix
> [...]: DEBUG => evalSMTPresponse() - Found SMTP success code: 220
> [...]: SUCCESS => Received:  220 rosalie.lxsbbshome.tld ESMTP Postfix
> [...]: INFO => Sending:       EHLO robin.lxsbbshome.tld
> [...]: DEBUG => evalSMTPresponse() - Checking for SMTP success or error status in the message: 250-rosalie.lxsbbshome.tld, 250-PIPELINING, 250-SIZE 10240000, 250-VRFY, 250-ETRN, 250-STARTTLS, 250-AUTH PLAIN, 250-ENHANCEDSTATUSCODES, 250-8BITMIME, 250-DSN, 250 SMTPUTF8
> [...]: DEBUG => evalSMTPresponse() - Found SMTP success code: 250
> [...]: SUCCESS => Received:  250-rosalie.lxsbbshome.tld, 250-PIPELINING, 250-SIZE 10240000, 250-VRFY, 250-ETRN, 250-STARTTLS, 250-AUTH PLAIN, 250-ENHANCEDSTATUSCODES, 250-8BITMIME, 250-DSN, 250 SMTPUTF8
> [...]: DEBUG => The remote SMTP server supports TLS :)
> [...]: DEBUG => Starting TLS
> [...]: INFO => Sending:         STARTTLS
> [...]: DEBUG => evalSMTPresponse() - Checking for SMTP success or error status in the message: 220 2.0.0 Ready to start TLS
> [...]: DEBUG => evalSMTPresponse() - Found SMTP success code: 220
> [...]: SUCCESS => Received:     220 2.0.0 Ready to start TLS
> [...]: ERROR => TLS setup failed: SSL connect attempt failed because of handshake problems error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
> 
> 
> I've tried various settings but nothing has helped.
> 
> then I install newer version of SSL.pm and SSLeay.pm with cpan,
> and use newer version of sendEmail (1.56.5).
> 
> Dec 19 00:50:38 rosalie postfix/smtpd[17390]: Anonymous TLS connection established from robin.lxsbbshome.tld[192.168.0.17]: TLSv1.2 with cipher AES128-SHA256 (128/128 bits)
> Dec 19 00:50:38 rosalie postfix/smtpd[17390]: E332A2858CC: client=robin.lxsbbshome.tld[192.168.0.17]
> Dec 19 00:55:38 rosalie postfix/smtpd[17390]: timeout after DATA (0 bytes) from robin.lxsbbshome.tld[192.168.0.17]
> Dec 19 00:55:58 rosalie postfix/smtpd[17390]: disconnect from robin.lxsbbshome.tld[192.168.0.17] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 commands=5/6
> 
> 
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: DEBUG => Connecting to rosalie.lxsbbshome.tld:25
> [...]
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: SUCCESS => Received:       220 2.0.0 Ready to start TLS
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: DEBUG => TLS: Using cipher: AES128-SHA256
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: DEBUG => TLS session initialized :)
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: INFO => Sending:      EHLO robin.lxsbbshome.tld
> [...]
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: SUCCESS => Received:   250 2.1.5 Ok
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: INFO => Sending:        DATA
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: DEBUG => evalSMTPresponse() - Checking for SMTP success or error status in the message: 354 End data with <CR><LF>.<CR><LF>
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: DEBUG => evalSMTPresponse() - Found SMTP success code: 354
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: SUCCESS => Received:    354 End data with <CR><LF>.<CR><LF>
> Dec 19 00:50:38 robin sendEmail.lucia[1237]: INFO => Sending message body
> 
> handshake ok.
> sendEmail hangs, I kill them after 5min.
> my use flags on gentoo client and server:
> USE="bindist mmx sse sse2 -mysql -mysqli -mssql maildir apache2 gd
> vhosts postgres python sasl ssl imap unicode"
> what else can I do?

It may be a postfix bug, or it may be that gentoo's openssl ciphers are more 
up to date and won't degrade the connection to SSLv3.  Can you check what you 
get on the transaction with the server using openssl_client?  Google for the 
correct commands to negotiate sending messages using telnet so that you know 
what to type on the console.

-- 
Regards,
Mick
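
Added example, not part of the thread or written by any of its participants: a small shell helper that labels the Postfix smtpd outcomes quoted above and, when asked, probes the server's STARTTLS handshake one protocol version at a time with `openssl s_client`. The function names and the `PROBE_TARGET` variable are hypothetical; the sample lines are copied from the logs in the quoted message.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and PROBE_TARGET are
# hypothetical; the sample lines are copied from the logs quoted above.

# Label one Postfix smtpd log line by its TLS/SMTP outcome.
classify_line() {
    case "$1" in
        *"wrong version number"*)    echo "version-mismatch" ;;
        *"handshake failure"*)       echo "handshake-alert" ;;
        *"TLS connection established"*)
            # Report the negotiated protocol and cipher, not the state names.
            printf '%s\n' "$1" | sed -E \
              's/.*: ((TLS|SSL)v[0-9.]+) with cipher ([^ ]+).*/established \1 \3/' ;;
        *"timeout after DATA"*)      echo "data-timeout" ;;
        *)                           echo "other" ;;
    esac
}

# Read log lines on stdin, print one label per line.
classify_log() {
    while IFS= read -r line; do classify_line "$line"; done
}

# Attempt an SMTP STARTTLS handshake pinned to one protocol version and
# show what was negotiated. Which -tls1* flags exist depends on the local
# OpenSSL build.
probe() {  # usage: probe host:port -tls1_2
    openssl s_client -starttls smtp -connect "$1" "$2" </dev/null 2>&1 |
        grep -E '^ *(Protocol|Cipher) *:|alert|error' || echo "no TLS session"
}

SAMPLE='warning: TLS library problem: error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number:s3_srvr.c:960:
Anonymous TLS connection established from robin.lxsbbshome.tld[192.168.0.17]: TLSv1.2 with cipher AES128-SHA256 (128/128 bits)
timeout after DATA (0 bytes) from robin.lxsbbshome.tld[192.168.0.17]'

printf '%s\n' "$SAMPLE" | classify_log

# Only touches the network when PROBE_TARGET=host:port is set.
if [ -n "${PROBE_TARGET:-}" ]; then
    for flag in -tls1 -tls1_1 -tls1_2; do
        echo "== $flag"
        probe "$PROBE_TARGET" "$flag"
    done
fi
```

The `SSL_accept:SSLv3 ...` entries in the Postfix log are OpenSSL's handshake state names and also appear on the connection that ends as TLSv1.2, so the classifier keys on the final "established" or error message instead.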
