Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-17 Thread Andreas Bauer via Exim-users
Thank you Viktor, your detailed analysis of the TCP dump made me look into the right direction. Virtualisation (KVM) is also used here, but that was not the reason for the behaviour. It also wasn't TCP offloading, although used. The culprit was a firewall. I am a bit limited as to what I

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-16 Thread Ian Zimmerman via Exim-users
On 2018-02-12 20:57, Ian Zimmerman via Exim-users wrote:
> Ok, it was on, I disabled it. We'll see soon enough if your
> hypothesis is right :-)

No change :-( But in my case, all the messages actually make it through. Also, I checked my old logfiles, and this was the case even with GnuTLS.

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-12 Thread Viktor Dukhovni via Exim-users
> On Feb 12, 2018, at 11:57 PM, Ian Zimmerman via Exim-users wrote:
>
> I am slightly surprised I could do that; I'd have expected only root on
> the host machine to have that power.

I would also expect that typically the changes need to happen on the host, though some

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-12 Thread Ian Zimmerman via Exim-users
On 2018-02-12 22:50, Viktor Dukhovni via Exim-users wrote:
> > My server runs in a KVM. Doesn't that rule out hardware TCP
> > offloading as the culprit?
>
> No, it rather makes the problem more likely. Virtual machines are
> often behind NAT, which can be incompatible with TCP offload, and
>

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-12 Thread Viktor Dukhovni via Exim-users
> On Feb 12, 2018, at 10:19 PM, Ian Zimmerman via Exim-users wrote:
>
>> My previous assessment was wrong: even when exim was compiled with
>> OpenSSL instead of GnuTLS the error did occur, albeit with a different
>> error message.
>
> Same here. The new error message

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-12 Thread Ian Zimmerman via Exim-users
On 2018-02-13 02:21, Andreas Bauer via Exim-users wrote:
> First, thanks to everyone contributing and sorry I did not have time
> to more deeply troubleshoot the SSL issue.
> My previous assessment was wrong: even when exim was compiled with
> OpenSSL instead of GnuTLS the error did occur, albeit

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-12 Thread Viktor Dukhovni via Exim-users
> On Feb 12, 2018, at 8:21 PM, Andreas Bauer via Exim-users wrote:
>
> 504 540.259940 40.92.67.82 TCP 66
>45792 → 25 [SYN, ECN, CWR] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
> 505 540.259967 40.92.67.82

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-12 Thread Andreas Bauer via Exim-users
First, thanks to everyone contributing and sorry I did not have time to more deeply troubleshoot the SSL issue. My previous assessment was wrong: even when exim was compiled with OpenSSL instead of GnuTLS the error did occur, albeit with a different error message. Because it is a production

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-07 Thread Jeremy Harris
On 07/02/18 18:25, Ian Zimmerman wrote:
>> 2017-11-27 13:22:55 TLS error on connection from mail-oln040092070016.outbound.protection.outlook.com (EUR03-AM5-obe.outbound.protection.outlook.com) [40.92.70.16] (send): The specified session has been invalidated for some reason.
>>

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-07 Thread Ian Zimmerman
> 2017-11-27 13:22:55 TLS error on connection from mail-oln040092070016.outbound.protection.outlook.com (EUR03-AM5-obe.outbound.protection.outlook.com) [40.92.70.16] (send): The specified session has been invalidated for some reason.
> 2017-11-27 13:23:46 1eJILV-0001Gg-K3 TLS error

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-07 Thread Andreas Bauer via Exim-users
Hello, replying to myself, this problem is indeed related to GnuTLS in the Debian stretch compile of Exim4. Once I did this:

    sudo apt-get update
    sudo apt-get upgrade
    sudo apt-get build-dep exim4
    sudo apt-get install --no-install-recommends devscripts fakeroot
    apt-get source exim4
    perl -i -pe

Re: [exim] TLS error in incoming emails from *.outlook.com

2017-11-27 Thread Jeremy Harris
On 27/11/17 20:43, Kirill Miazine via Exim-users wrote:
> I'm having another issue with *.outlook.com, please see below. I don't
> mean to hijack the thread, but maybe report will help tracking down the
> issue.
> Nov 25 18:03:17 puffy exim[17107]: SSL_write: (from
>

Re: [exim] TLS error in incoming emails from *.outlook.com

2017-11-27 Thread Kirill Miazine via Exim-users
I'm having another issue with *.outlook.com, please see below. I don't mean to hijack the thread, but maybe report will help tracking down the issue.

* Andreas Bauer via Exim-users [2017-11-27 13:30]:
> Hello all,
>
> we have a well configured mail server with exim 4.89 on Debian 9, and
> use a

Re: [exim] TLS error in incoming emails from *.outlook.com

2017-11-27 Thread Jeremy Harris
On 27/11/17 17:42, Viktor Dukhovni wrote:
>> On Nov 27, 2017, at 12:24 PM, Jeremy Harris wrote:
>>
>> b)
>> Fire up wireshark, grab from the interface corresponding to the expected
>> inbound, filtering by that IP (for either src or dest).
>
> Definitely warrants a PCAP

Re: [exim] TLS error in incoming emails from *.outlook.com

2017-11-27 Thread Viktor Dukhovni
> On Nov 27, 2017, at 12:24 PM, Jeremy Harris wrote:
>
> b)
> Fire up wireshark, grab from the interface corresponding to the expected
> inbound, filtering by that IP (for either src or dest).

Definitely warrants a PCAP capture. Can Exim do [more] verbose logging based on

Re: [exim] TLS error in incoming emails from *.outlook.com

2017-11-27 Thread Jeremy Harris
On 27/11/17 12:30, Andreas Bauer via Exim-users wrote:
> 2017-11-27 13:22:55 TLS error on connection from mail-oln040092070016.outbound.protection.outlook.com (EUR03-AM5-obe.outbound.protection.outlook.com) [40.92.70.16] (send): The specified session has been invalidated for some