Bug#467137: A TLS packet with unexpected length was received when receiving mail from MS Exchange 2003

2008-05-22 Thread Marc Haber 
On Tue, Mar 04, 2008 at 11:08:41PM +0100, Frank Segtrop wrote:
 Two days ago, the Microsoft Exchange 2003 server could no longer send mails 
 over this smarthost. The Exim log shows:
 A TLS packet with unexpected length was received.

I'm going to move this to a different bug report (#482404) to avoid
more clutter inside #467137. Please reply there only. I'll bounce the
relevant messages there in the next minuets.

Greetings
Marc

-- 
-
Marc Haber | I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things.Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#467137: A TLS packet with unexpected length was received

2008-04-18 Thread Frank Segtrop 
I could now test exim4 -d -bd with the Exchange box. As you can see, it 
does STARTTLS.


21172 Listening...
21273 SMTP EHLO XXX
21273 sender_fullhost = XXX [XXX]
21273 sender_rcvhost = XXX ([XXX])
21273 set_process_info: 21273 handling incoming connection from XXX [XXX]
21273 host in pipelining_advertise_hosts? yes (matched *)
21273 host in auth_advertise_hosts? yes (matched *)
21273 host in tls_advertise_hosts? yes (matched *)
21273 SMTP 250-XXX Hello XXX [XXX]
21273 250-SIZE 15728640
21273 250-PIPELINING
21273 250-AUTH PLAIN LOGIN
21273 250-STARTTLS
21273 250 HELP
21273 SMTP STARTTLS
21273 initializing GnuTLS as a server
21273 read D-H parameters from file
21273 initialized D-H parameters
21273 certificate file = /etc/ssl/mail.pem
21273 key file = /etc/ssl/mail.key
21273 verify certificates = 
/etc/ssl/certs/Visa_International_Global_Root_2.pem size=1274

21273 initialized certificate stuff
21273 host in tls_verify_hosts? no (option unset)
21273 host in tls_try_verify_hosts? no (end of list)
21273 initialized GnuTLS session
21273 SMTP 220 TLS go ahead
21273 gnutls_handshake was successful
21273 cipher: TLS1.0:RSA_ARCFOUR_MD5:16
21273 sender_fullhost = XXX [XXX]
21273 sender_rcvhost = XXX ([XXX])
21273 set_process_info: 21273 handling incoming TLS connection from XXX 
[XXX]

21273 TLS active
21273 Calling gnutls_record_recv(8156cf8, 8153fb0, 4096)
21273 LOG: MAIN
21273   TLS recv error on connection from XXX [XXX]: A TLS packet with 
unexpected length was received.

21273 SMTP 421 XXX lost input connection
21273 tls_do_write(81180f8, 55)
21273 gnutls_record_send(SSL, 81180f8, 55)
21273 outbytes=-10
21273 LOG: MAIN
21273   TLS send error on connection from XXX [XXX]: The specified 
session has been invalidated for some reason.

21273 LOG: smtp_connection MAIN
21273   SMTP connection from XXX [XXX] lost


Swaks, however, works fine.

-  220 XXX ESMTP Exim 4.69 Fri, 18 Apr 2008 10:01:24 +0200
- EHLO XXX
-  250-XXX Hello XXX [XXX]
-  250-SIZE 15728640
-  250-PIPELINING
-  250-AUTH PLAIN LOGIN
-  250-STARTTLS
-  250 HELP
- STARTTLS
-  220 TLS go ahead
=== TLS started w/ cipher DHE-RSA-AES256-SHA
~ EHLO XXX
~  250-XXX Hello XXX [XXX]
~  250-SIZE 15728640
~  250-PIPELINING
~  250-AUTH PLAIN LOGIN
~  250 HELP
~ MAIL FROM:
~  250 OK
~ RCPT TO:XXX
~  250 Accepted
~ DATA
~  354 Enter message, ending with . on a line by itself
~ Date: Fri, 18 Apr 2008 10:01:24 +0200
~ To: XXX
~ From: XXX
~ Subject: test Fri, 18 Apr 2008 10:01:24 +0200
~ X-Mailer: swaks v20061116.0 jetmore.org/john/code/#swaks
~
~ This is a test mailing
~
~ .
~  250 OK id=1JmlXB-0005gZ-1m
~ QUIT
~  221 XXX closing connection

Regards,
Frank Segtrop



signature.asc
Description: OpenPGP digital signature

Bug#467137: A TLS packet with unexpected length was received

2008-04-18 Thread Marc Haber 
On Fri, Apr 18, 2008 at 10:04:23AM +0200, Frank Segtrop wrote:
 I could now test exim4 -d -bd with the Exchange box. As you can see, it 
 does STARTTLS.

One more try: Try configuring exim to not request a client certificate.

Greetings
Marc
-- 
-
Marc Haber | I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things.Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#467137: A TLS packet with unexpected length was received

2008-04-18 Thread Frank Segtrop 

Marc Haber schrieb:

On Fri, Apr 18, 2008 at 10:04:23AM +0200, Frank Segtrop wrote:
  
I could now test exim4 -d -bd with the Exchange box. As you can see, it 
does STARTTLS.



One more try: Try configuring exim to not request a client certificate.
  
That is switched off, both tls_verify_hosts and tls_try_verify_hosts are 
unset.


13217 host in tls_verify_hosts? no (end of list)
13217 host in tls_try_verify_hosts? no (end of list)

**
Greetings
Frank



signature.asc
Description: OpenPGP digital signature