Presumably related to the new version of openssl.
Scott K
On June 28, 2022 3:11:43 PM UTC, Bernard Spil wrote:
>On Tue, 14 Jun 2022 12:20:39 +0200 Michiel Hazelhof
>wrote:
>> Package: postfix
>> Version: 3.6.4-1+b3
>>
>> After upgrading to 3.6.4-1+b3 some clients get ssl handshake issues,
>> appears to be more promininent on some machines than others, the hitrate
>> appears to be 1:50.
>>
>> Downgrading to 3.6.4-1+b2 immediately solves the issues, what has changed?
>>
>> --
>> With regards,
>>
>> Michiel Hazelhof.
>>
>
>Have issues with SSL handshakes on Ubuntu 22.04 with Postfix 3.6.4. My current
>guess is this is related to the switch to OpenSSL 3.0 and an incompatibility
>with JavaMail (exact versions unknown).
>
>Not sure what error you get in the logs, I see:
>
>for SMTP+STARTTLS:
>connect from mailhost.example.com[192.0.1.2]
>SSL_accept error from mailhost.example.com[192.0.1.2]: -1
>warning: TLS library problem: error:0A0003F2:SSL routines::sslv3 alert
>unexpected message:../ssl/record/rec_layer_s3.c:1584:SSL alert number 10:
>lost connection after STARTTLS from mailhost.example.com[192.0.1.2]
>disconnect from mailhost.example.com[192.0.1.2] ehlo=1 starttls=0/1
>commands=1/2
>
>for smtps:
>connect from mailhost.example.com[192.0.1.2]
>SSL_accept error from mailhost.example.com[192.0.1.2]: -1
>warning: TLS library problem: error:0A0003F2:SSL routines::sslv3 alert
>unexpected message:../ssl/record/rec_layer_s3.c:1584:SSL alert number 10:
>?lost connection after CONNECT from mailhost.example.com[192.0.1.2]
>disconnect from mailhost.example.com[192.0.1.2] commands=0/0
>
>Can you share the actual error message you're seeing? (not sure what version
>OpenSSL debian vanilla uses).
>(via email direct to me would help too).
>
>Cheers, Bernard Spil
>
