Hi, Le 13/09/2017 à 09:13, Niels Kobschätzki a écrit : > > RCPT TO: <[email protected]> > RENEGOTIATING > 2383074270240:error:1400444C:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 > alert no renegotiation:/usr/src/lib/libssl/ssl_pkt.c:1205:SSL alert > number 100 > 2383074270240:error:140040E5:SSL routines:CONNECT_CR_SRVR_HELLO:ssl > handshake failure:/usr/src/lib/libssl/ssl_pkt.c:585: >
Does this happen only with this domain (kobschaetzki.net) as RCPT? If so I guess the answer here (from a SSL/TLS test): “The server supports a client-initiated secure renegotiation that may be unsafe and allow Denial of Service attacks.” And your above log clearly state that there is renegotiation happening and your SSL stack treats this as a fatal error, which I think is right. Regards, Bruno
signature.asc
Description: OpenPGP digital signature
