Hi Greeting from Turkey. Nowadays, an smtp server requirement come up and i decided to add mail exchange functionality to my OpenBSD 6.7 virtual machine. According to article on poolp.org, i set up it and started some test. Both ports (25 and 587) accepts SSL connections with starttls. While testing my configuration with openssl[1] there was no problem but when i use nmap[2] for testing ssl ciphers/protocols the OpenSMPTd service quits with errors[3]. I know my nmap command is useful while testing non-starttls services but i used it just want to see what happens.
My OpenSMTPd setup simple and exactly the same as shown in "[0]" except SSL key and cert part. I'm not an expert about computers, so please don't get me wrong but I'm expecting that the smtpd daemon will continue to serve rather than quit. Because, the error is on client side. My setup could be wrong or my expectations are wrong or ... ? [0] " https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd/ " [1] openssl s_client -connect my_IP:25 -starttls smtp ( -tls1 / -tls1_1 / -tls1_2 / -tls1_3 ) [2] nmap --script ssl-enum-ciphers -p 25 my_IP [3] Jul 17 16:06:22 volgograd smtpd[29365]: 287f8aa31a3a9d44 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:22 volgograd smtpd[29365]: 287f8aa31a3a9d44 smtp bad-input result="500 5.5.1 Invalid command: Pipelining not supported" Jul 17 16:06:22 volgograd smtpd[29365]: 287f8aa31a3a9d44 smtp disconnected reason=quit Jul 17 16:06:22 volgograd smtpd[29365]: 287f8aa443b518b5 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:22 volgograd smtpd[29365]: 287f8aa443b518b5 smtp disconnected reason="io-error: error:1402710B:SSL routines:ACCEPT_SR_CLNT_HELLO_C:wrong version number" Jul 17 16:06:22 volgograd smtpd[29365]: 287f8aa53b199936 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:22 volgograd smtpd[29365]: 287f8aa6db5e7ce5 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:22 volgograd smtpd[29365]: 287f8aa72b8aa932 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aa6db5e7ce5 smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher" Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aa53b199936 smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher" Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aa72b8aa932 smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher" Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aa87d5ddc88 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aa918b83c2f smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aaa668d461e smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aa918b83c2f smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher" Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aa87d5ddc88 smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher" Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aaa668d461e smtp disconnected reason="io-error: error:140270C1:SSL routines:ACCEPT_SR_CLNT_HELLO_C:no shared cipher" Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aab71a20c23 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aaccf2338c6 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aadc01152b9 smtp connected address=XX.YY.ZZ.QQ host=MY_SMTP_HOST Jul 17 16:06:23 volgograd smtpd[29365]: 287f8aab71a20c23 smtp disconnected reason="io-error: No TLS error" Jul 17 16:06:23 volgograd smtpd[18599]: smtpd: process pony socket closed -- *Fatih C.*
