[MDaemon-L] Return Mail

Syafril Hermansyah Wed, 14 Jan 2015 04:19:16 -0800

On 2015-01-14 17:01, Benny Kurniawan wrote:
> User kami mendapatkan error return mail seperti dibawah ini:
> 
>  
> 
> -----Original Message-----
> 
> From: Mail Delivery System [mailto:[email protected]]
> 
> The following message to <[email protected]
> <mailto:[email protected]>> was undeliverable.
> 
> The reason for the problem:
> 
> 5.1.0 - Unknown address error 530-'#5.7.0 Must issue a STARTTLS command
> first'


Ini masalah di smarthost mail domain jkt.itochu.co.id
(ganesha.ntt.net.id) yang setting SSL/TLS tidak baik sehingga gagal
handshake dengan server penerima.

$ host wingscorp.com
wingscorp.com has address 198.58.94.152
wingscorp.com mail is handled by 10 mymail2.wingscorp.com.
wingscorp.com mail is handled by 20 mymail3.wingscorp.com.
wingscorp.com mail is handled by 30 mymail4.wingscorp.com.

$ openssl s_client -starttls smtp -crlf -connect mymail2.wingscorp.com:25

CONNECTED(00000003)
depth=0 C = ID, CN = wingscorp.com, L = Jakarta, O = PT Sayap Mas Utama,
ST = Jakarta, OU = Security PT Sayap Mas Utama
verify error:num=18:self signed certificate
verify return:1
depth=0 C = ID, CN = wingscorp.com, L = Jakarta, O = PT Sayap Mas Utama,
ST = Jakarta, OU = Security PT Sayap Mas Utama
verify return:1

New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE

$ openssl s_client -starttls smtp -crlf -connect ganesha.ntt.net.id:25

CONNECTED(00000003)
depth=0 C = US, ST = California, L = San Bruno, O = "IronPort Systems,
Inc.", CN = IronPort Appliance Demo Certificate
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = US, ST = California, L = San Bruno, O = "IronPort Systems,
Inc.", CN = IronPort Appliance Demo Certificate
verify error:num=21:unable to verify the first certificate
verify return:1

New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS NOT supported

Minta ke ISP Anda untuk diperbaiki.

> Setelah dia kirim email tanggal 9 Jan 2015. Kalau saya lihat di smtp in
> log nya email tersebut sukses.

Hanya sukses terkirim ke smarthost smtp.ntt.net.id mestinya.
Coba perlihatkan transkrip smtp-out log lengkapnya agar bisa diketahui
kenapa tidak bisa connect langsung ke server wingscorp.com.


-- 
syafril
-------
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 14.5.3-64 Beta D, SP 4.5-64
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

You have to learn the rules of the game. And then you have to play
better than anyone else.
        --- Albert Einstein


-- 
--[MDaemon-L]------------------------------------------------
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: http://www.netmeister.org/news/learn2quote
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke MDaemon-L-unsubscribe [at] dutaint.com
Berlangganan: kirim mail ke MDaemon-L-subscribe [at] dutaint.com
Versi terakhir MD 14.5.2, SP 4.5, BES 2.0.2, OC 3.0, SG 3.0.2

[MDaemon-L] Return Mail

Kirim email ke