Received: from mymachine.tld (mymachine.tld. [9.8.7.6])
by mx.google.com with ESMTP id
p5si1775654qvb.199.2020.10.15.09.52.15
for <[email protected]>;
Thu, 15 Oct 2020 09:52:15 -0700 (PDT)
Received: from mymachine.tld (mymachine.tld. [9.8.7.6])
by mx.google.com with ESMTP id n10si156346qvl.1.2020.10.15.13.37.49
for <[email protected]>;
Thu, 15 Oct 2020 13:37:49 -0700 (PDT)
No mention whatsoever of TLS, the next lines of the headers begin:
Received-SPF: pass
On 10/15/20 3:32 PM, Eric Broch wrote:
Check the header of an email you've sent to Gmail from your QMT, you
should see something like the following:
Received: from localhost (mx.mydomain.com. [xxx.xxx.xxx.xxx])
by mx.google.com with ESMTPS id
be3si1766151plb.73.2020.10.15.11.34.29
for <[email protected]>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
I'm sending from a CentOS 8/QMT I just fired up and am testing.
Eric
On 10/15/2020 12:57 PM, Jim McNamara wrote:
Hello, list!
According to http://www.qmailtoaster.net/notls.html , all outbound
SMTP should be using TLS unless a domain is configured explicitly not
use it. However, without even creating the directory
/var/qmail/control/notlshosts every message I send from my server to
gmail.com is going unencrypted. The /var/log/qmail/send/current file
has entries like:
2020-10-15 14:29:58.418313500 new msg 8428251
2020-10-15 14:29:58.418315500 info msg 8428251: bytes 574 from
<[email protected]> qp 511025 uid 89
2020-10-15 14:29:58.418336500 starting delivery 1: msg 8428251 to
remote [email protected]
2020-10-15 14:29:58.418337500 status: local 0/10 remote 1/60
2020-10-15 14:29:59.220407500 delivery 1: success:
<[email protected]>_173.194.204.26_accepted_message./Remote_host_said:_250_2.0.0_OK__1602786599_w13si301qtv.16_-_gsmtp/
2020-10-15 14:29:59.220525500 status: local 0/10 remote 0/60
2020-10-15 14:29:59.220563500 end msg 8428251
The message in gmail shows up with the padlock having a red line
through it, indicating it was not encrypted during transit. Since I
see the 250 in the send log, I would assume that should my server
attempt to use TLS, there should be a, "starttls" getting logged?
My /var/qmail/supervise/send/run file is simply:
#!/bin/sh
exec /var/qmail/rc
Did I do something wrong that outbound SMTP is not even asking for TLS?
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
