On 27 April 2018 at 08:57, Poliman - Serwis <ser...@poliman.pl> wrote:
> 2018-04-27 8:22 GMT+02:00 Dominic Raferd <domi...@timedicer.co.uk>: >> >> I have always received a number of warning messages (from >> postfix/smtpd) stating 'TLS library problem' in my mail logs and I >> think they are always followed by a dropped incoming connection. I >> have hitherto assumed that they reflect a badly-configured (probably >> spamming) foreign client/host, but the messages could be read as >> implying an internal problem on my mailserver. Which is true? >> >> The details of the reported error messages over the recent period can >> be summarised thus: >> >> $ grep -a "warning: TLS library problem" /var/log/mail.log.1 >> /var/log/mail.log|grep -o "error:.*"|sort|uniq -c|sort -nr >> 12 error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version >> number:s3_pkt.c:362: >> 11 error:1408A10B:SSL routines:ssl3_get_client_hello:wrong >> version number:s3_srvr.c:960: >> 10 error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown >> protocol:s23_srvr.c:640: >> 2 error:1408A0E3:SSL routines:ssl3_get_client_hello:parse >> tlsext:s3_srvr.c:1239: >> >> Should I be concerned about these messages? > I have almost same logs. Some time ago I asked people on this mailing list. > They said that somebody tries to connect to your server but he can't because > of too old ssl he uses. You can ignore it. Thanks for your reply. In the absence of comments to the contrary I take that as canonical. I still think the TLS library problem warning message is confusing, but at least I can stop worrying about it.
