Re: "Pipelining not supported" when connecting to port smtp or submission through OpenSSL command line utility
On Sat, Jan 19, 2019 at 02:03:33PM -0600, ed...@pettijohn-web.com wrote: > On Sat, Jan 19, 2019 at 08:12:29PM +0100, Johannes Krottmayer wrote: > > Hello, > > > > I have a question or a problem of understanding. > > > > When I try to connect through the the command line utility openssl to > > port smtp or submission I get this output: > > > > $ openssl s_client -connect odin42:25 > > openssl s_client -connect host:port -starttls smtp > > I did the same thing and forgot the starttls bit. The whole pipelining > thing doesn't really help to figure it out though. > yes :-/ the problem is that the SMTP engine expects an SMTP session, and instead it receives a blob which violates the protocol and likely contains a new line that triggers pipeline violation mechanism. maybe we can do better, will talk with others. -- Gilles Chehade @poolpOrg https://www.poolp.org tip me: https://paypal.me/poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: "Pipelining not supported" when connecting to port smtp or submission through OpenSSL command line utility
On Sat, Jan 19, 2019 at 08:12:29PM +0100, Johannes Krottmayer wrote: > Hello, > > I have a question or a problem of understanding. > > When I try to connect through the the command line utility openssl to > port smtp or submission I get this output: > > $ openssl s_client -connect odin42:25 openssl s_client -connect host:port -starttls smtp I did the same thing and forgot the starttls bit. The whole pipelining thing doesn't really help to figure it out though. > CONNECTED(0003) > 139782539474752:error:1408F10B:SSL routines:ssl3_get_record:wrong > version number:ssl/record/ssl3_record.c:252: > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 5 bytes and written 176 bytes > Verification: OK > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > No ALPN negotiated > SSL-Session: > Protocol : TLSv1.2 > Cipher: > Session-ID: > Session-ID-ctx: > Master-Key: > PSK identity: None > PSK identity hint: None > SRP username: None > Start Time: 1547924099 > Timeout : 7200 (sec) > Verify return code: 0 (ok) > Extended master secret: no > --- > $ > > And in /var/log/maillog on the server these messages appears: > > Jan 19 19:41:07 odin42 smtpd[25442]: 430c551fc99f310d smtp connected > address=194.96.2.67 host=194-96-2-67.adsl.highway.telekom.at > Jan 19 19:41:07 odin42 smtpd[25442]: 430c551fc99f310d smtp bad-input > address=194.96.2.67 host=194-96-2-67.adsl.highway.telekom.at result="500 > 5.5.1 Invalid command: Pipelining not supported" > Jan 19 19:41:07 odin42 smtpd[25442]: 430c551fc99f310d smtp disconnected > address=194.96.2.67 host=194-96-2-67.adsl.highway.telekom.at reason=quit > > When I connect to smtps port, everything works fine. > > Here is my listen setup of OpenSMTPD: > > # listen setup > listen on lo0 > listen on lo0 port 10028 tag DKIM > listen on egress tls pki mx1.krottmayer.com.pki auth-optional > listen on egress smtps pki mx1.krottmayer.com.pki auth > listen on egress port submission tls pki mx1.krottmayer.com.pki auth > > Could somebody check my configuration, please? > > Thanks in advance! > > -- > Best regards, > > Johannes > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
"Pipelining not supported" when connecting to port smtp or submission through OpenSSL command line utility
Hello, I have a question or a problem of understanding. When I try to connect through the the command line utility openssl to port smtp or submission I get this output: $ openssl s_client -connect odin42:25 CONNECTED(0003) 139782539474752:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:252: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 5 bytes and written 176 bytes Verification: OK --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher: Session-ID: Session-ID-ctx: Master-Key: PSK identity: None PSK identity hint: None SRP username: None Start Time: 1547924099 Timeout : 7200 (sec) Verify return code: 0 (ok) Extended master secret: no --- $ And in /var/log/maillog on the server these messages appears: Jan 19 19:41:07 odin42 smtpd[25442]: 430c551fc99f310d smtp connected address=194.96.2.67 host=194-96-2-67.adsl.highway.telekom.at Jan 19 19:41:07 odin42 smtpd[25442]: 430c551fc99f310d smtp bad-input address=194.96.2.67 host=194-96-2-67.adsl.highway.telekom.at result="500 5.5.1 Invalid command: Pipelining not supported" Jan 19 19:41:07 odin42 smtpd[25442]: 430c551fc99f310d smtp disconnected address=194.96.2.67 host=194-96-2-67.adsl.highway.telekom.at reason=quit When I connect to smtps port, everything works fine. Here is my listen setup of OpenSMTPD: # listen setup listen on lo0 listen on lo0 port 10028 tag DKIM listen on egress tls pki mx1.krottmayer.com.pki auth-optional listen on egress smtps pki mx1.krottmayer.com.pki auth listen on egress port submission tls pki mx1.krottmayer.com.pki auth Could somebody check my configuration, please? Thanks in advance! -- Best regards, Johannes -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org