subject:"\[MDaemon\-L\] SSL negotiation failed"

[Mdaemon-L] SSL Negotiation Failed

2022-05-25 Terurut Topik Syafril Hermansyah via Mdaemon-L


Pada 25/05/22 16.00, Rievo Niemrod Efraim via Mdaemon-L menulis:

Di force retry to send saja agar nanti MDaemon akan kirim mail tanpa SSL/TLS .


Ini caranya gimana ya Pak ?



Dari MDconfig menu Queues | Process Retry queue.


Pilihan lain, masukkan MX host server.midatrade.com kedalam NO-STARTTLS list



http://mdaemon.dutaint.co.id/mdaemon/22.0/ssl_white-list.html


Kami masih menggunakan Mdaemon v21.5.2
Jadi saya Host server.midatrade.com  masukan di STARTTTLS White list ya Pak ?



Ya, juga untuk host midatrade.com.



Problem ini penyebabnya apa ya Pak syafril ?



SSL yang digunakan server.midatrade.com algoritma nya tidak cocok dengan 
yang digunakan server bb.ptbmi.com, sehingga proses SSL handshakingnya 
lama (TLS time out).





--
syafril

Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 22.0.0 64 bit
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

I'm unpredictable, I never know where I'm going until I get there, I'm 
so random, I'm always growing, learning, changing, I'm never the same 
person twice. But one thing you can be sure of about me; is I will 
always do exactly what I want to do.

--- C. JoyBell C.


--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 22.0, SecurityGateway 8.5.2

[Mdaemon-L] SSL Negotiation Failed

2022-05-25 Terurut Topik Rievo Niemrod Efraim via Mdaemon-L

> Di force retry to send saja agar nanti MDaemon akan kirim mail tanpa SSL/TLS .

Ini caranya gimana ya Pak ? 


> Pilihan lain, masukkan MX host server.midatrade.com kedalam NO-STARTTLS list

> http://mdaemon.dutaint.co.id/mdaemon/22.0/ssl_white-list.html

Kami masih menggunakan Mdaemon v21.5.2
Jadi saya Host server.midatrade.com  masukan di STARTTTLS White list ya Pak ?

Problem ini penyebabnya apa ya Pak syafril ?

Terima Kasih
Rievo

--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 22.0, SecurityGateway 8.5.2

[Mdaemon-L] SSL Negotiation Failed

2022-05-25 Terurut Topik Syafril Hermansyah via Mdaemon-L


Pada 25/05/22 15.30, Rievo Niemrod Efraim via Mdaemon-L menulis:

Mohon bantuannya, user kami kirim email keluar
Tetapi muncul error / notif delay

Berikut log SMPT OUT nya




Wed 2022-05-25 10:21:01.096: [61055568] *  SSL negotiation failed, error code 
0x80090326
Wed 2022-05-25 10:21:01.096: [61055568] *  162.241.213.116 added to temporary 
SSL white list; will retry delivery soon



Di force retry to send saja agar nanti MDaemon akan kirim mail tanpa 
SSL/TLS .


Pilihan lain, masukkan MX host server.midatrade.com kedalam NO-STARTTLS list

http://mdaemon.dutaint.co.id/mdaemon/22.0/ssl_white-list.html
--
syafril

Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 22.0.0 64 bit
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

I have not failed. I've just found 10,000 ways that won't work.
--- Thomas A. Edison


--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 22.0, SecurityGateway 8.5.2

[Mdaemon-L] SSL Negotiation Failed

2022-05-25 Terurut Topik Rievo Niemrod Efraim via Mdaemon-L

Selamat Siang 

Dear Pak Syafril 
Mohon bantuannya, user kami kirim email keluar
Tetapi muncul error / notif delay 

Berikut log SMPT OUT nya 

Terima Kasih
Rievo 

Wed 2022-05-25 10:18:45.869: --
Wed 2022-05-25 10:20:38.594: [61055568] REMOTE message: pd3501001981575.msg
Wed 2022-05-25 10:20:38.594: [61055568] *  Session 61055568; child 0001
Wed 2022-05-25 10:20:38.594: [61055568] *  From: y...@ptbmi.com
Wed 2022-05-25 10:20:38.594: [61055568] *  To: mida.y...@midatrade.com
Wed 2022-05-25 10:20:38.594: [61055568] *  Subject: FW: DRAFT DOC NORDIC 
100014237
Wed 2022-05-25 10:20:38.594: [61055568] *  Message-ID: 
<00eb01d86fe5$ffa66b00$fef34100$@ptbmi.com>
Wed 2022-05-25 10:20:38.594: [61055568] *  Size: 187821; 

Wed 2022-05-25 10:20:38.602: [61055568] *  Archived: 
(archives)\ptbmi.com\out\y...@ptbmi.com\arc500163492.msg
Wed 2022-05-25 10:20:38.602: [61055568] *  Route slip host: midatrade.com
Wed 2022-05-25 10:20:38.603: [61055568] *  Route slip port: 25
Wed 2022-05-25 10:20:38.606: [61055568] Resolving MX record for midatrade.com 
(DNS Server: 202.148.7.49)...
Wed 2022-05-25 10:20:38.874: [61055568] *  P=000 S=000 D=midatrade.com TTL=(60) 
MX=[midatrade.com]
Wed 2022-05-25 10:20:38.874: [61055568] Attempting SMTP connection to 
midatrade.com
Wed 2022-05-25 10:20:38.874: [61055568] Resolving A record for midatrade.com 
(DNS Server: 202.148.7.49)...
Wed 2022-05-25 10:20:39.119: [61055568] *  D=midatrade.com TTL=(60) 
A=[162.241.213.116]
Wed 2022-05-25 10:20:39.119: [61055568] Attempting SMTP connection to 
162.241.213.116:25
Wed 2022-05-25 10:20:39.119: [61055568] Waiting for socket connection...
Wed 2022-05-25 10:20:39.380: [61055568] *  Connection established 
172.16.0.6:43414 --> 162.241.213.116:25
Wed 2022-05-25 10:20:39.380: [61055568] Waiting for protocol to start...
Wed 2022-05-25 10:21:00.234: [61055568] <-- 220-server.midatrade.com ESMTP Exim 
4.95 #2 Wed, 25 May 2022 03:21:00 + 
Wed 2022-05-25 10:21:00.234: [61055568] <-- 220-We do not authorize the use of 
this system to transport unsolicited, 
Wed 2022-05-25 10:21:00.234: [61055568] <-- 220 and/or bulk e-mail.
Wed 2022-05-25 10:21:00.234: [61055568] --> EHLO bb.ptbmi.com
Wed 2022-05-25 10:21:00.518: [61055568] <-- 250-server.midatrade.com Hello 
bb.ptbmi.com [202.148.25.131]
Wed 2022-05-25 10:21:00.518: [61055568] <-- 250-SIZE 104857600
Wed 2022-05-25 10:21:00.518: [61055568] <-- 250-8BITMIME
Wed 2022-05-25 10:21:00.518: [61055568] <-- 250-PIPELINING
Wed 2022-05-25 10:21:00.518: [61055568] <-- 250-PIPE_CONNECT
Wed 2022-05-25 10:21:00.518: [61055568] <-- 250-AUTH PLAIN LOGIN
Wed 2022-05-25 10:21:00.518: [61055568] <-- 250-STARTTLS
Wed 2022-05-25 10:21:00.518: [61055568] <-- 250 HELP
Wed 2022-05-25 10:21:00.518: [61055568] --> STARTTLS
Wed 2022-05-25 10:21:00.805: [61055568] <-- 220 TLS go ahead
Wed 2022-05-25 10:21:01.096: [61055568] *  SSL negotiation failed, error code 
0x80090326
Wed 2022-05-25 10:21:01.096: [61055568] *  162.241.213.116 added to temporary 
SSL white list; will retry delivery soon
Wed 2022-05-25 10:21:01.097: [61055568] *  This message is 0 minutes old; it 
has 60 minutes left in this queue
Wed 2022-05-25 10:21:01.097: [61055568] SMTP session terminated (Bytes in/out: 
379/188)
Wed 2022-05-25 10:21:01.097: --


--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 22.0, SecurityGateway 8.5.2

[mdaemon-l] SSL Negotiation Failed

2021-02-09 Terurut Topik Syafril Hermansyah via mdaemon-l

On 10/02/21 10.31, Ivan wrote:
>> Berikan lognya yang lengkap 1 session, jangan dipotong-potong.

> Wed 2021-02-10 08:43:09.643: 04: *  SSL negotiation failed, error code 
> 0x8009030f 


Ini problem di algoritma SSL yang berbeda antara sender dengan receiver.

Error code 0x8009030f artinya sender kirim dengan protocol SSL 3.0 atau TLS 1.0
yang tidak didukung oleh receiver, karena SSL 3.0 maupun TLS 1.0 sudah obsolete
(deprecated).

https://docs.microsoft.com/en-us/windows/win32/secauthn/schannel-error-codes-for-tls-and-ssl-alerts

Perbaiki windows SSL (Schannel) di server webmail.pttdp.com agar tidak lagi
pakai SSL 1.0 s/d SSL 3.0 serta TLS 1.0 dan TLS 1.1.

Gunakan SSL test untuk check protocol dan algoritma yang aktif

https://www.ssllabs.com/ssltest/

dan utiliy IIScrypto untuk menghapus algoritma yang tidak lagi diperlukan.

https://www.nartac.com/Products/IISCrypto

lengkapnya bisa dibaca disini

https://www.mail-archive.com/mdaemon-l@dutaint.com/msg43010.html

$ openssl s_client -starttls smtp -connect webmail.pttdp.com:587

No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-256, 256 bits


$ openssl s_client -starttls smtp -connect awtmx2.sophos.id:587

No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: DH, 2048 bits


-- 
syafril

Syafril Hermansyah

MDaemon-L Moderator, run MDaemon 21.0 64bit
Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon.

There are three kinds of men. The ones that learn by readin’. The few who learn
by observation.
The rest of them have to pee on the electric fence for themselves.
--- Will Rogers



-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 20.0.3, SecurityGateway 7.0.2

[mdaemon-l] SSL Negotiation Failed

2021-02-09 Terurut Topik Ivan


On 10/02/21 09:56, Syafril Hermansyah via mdaemon-l wrote:

Berikan lognya yang lengkap 1 session, jangan dipotong-potong.

Session 311325; child 0001
Wed 2021-02-10 08:43:09.444: 01: Parsing message 


Wed 2021-02-10 08:43:09.445: 01: *  From: cash...@pttdp.com
Wed 2021-02-10 08:43:09.445: 01: *  To: riezky.nugr...@aswata.co.id
Wed 2021-02-10 08:43:09.445: 01: *  Subject: Re: Konfirmasi pembayaran - 
IDR. 1,328,296.00

Wed 2021-02-10 08:43:09.445: 01: *  Size (bytes): 401876
Wed 2021-02-10 08:43:09.445: 01: *  Message-ID: 
<36d7f456-e9de-a099-b92e-163e13be0...@pttdp.com>

Wed 2021-02-10 08:43:09.446: 01: *  Route slip host: aswata.co.id
Wed 2021-02-10 08:43:09.446: 01: *  Route slip port: 25
Wed 2021-02-10 08:43:09.450: 05: Resolving MX record for aswata.co.id 
(DNS Server: 203.142.82.222)...
Wed 2021-02-10 08:43:09.455: 05: *  P=000 S=000 D=aswata.co.id TTL=(5) 
MX=[awtmx1.sophos.id]
Wed 2021-02-10 08:43:09.455: 05: Attempting SMTP connection to 
awtmx1.sophos.id
Wed 2021-02-10 08:43:09.455: 05: Resolving  record for 
awtmx1.sophos.id (DNS Server: 203.142.82.222)...
Wed 2021-02-10 08:43:09.462: 05: *  awtmx1.sophos.id added to internal 
 lookup black-list
Wed 2021-02-10 08:43:09.462: 04: *  DNS server reports no valid records 
for the requested type found
Wed 2021-02-10 08:43:09.462: 05: Resolving A record for awtmx1.sophos.id 
(DNS Server: 203.142.82.222)...
Wed 2021-02-10 08:43:09.466: 05: *  D=awtmx1.sophos.id TTL=(5) 
A=[203.142.64.117]
Wed 2021-02-10 08:43:09.467: 05: Attempting SMTP connection to 
203.142.64.117:25

Wed 2021-02-10 08:43:09.467: 05: Waiting for socket connection...
Wed 2021-02-10 08:43:09.470: 05: *  Connection established 
192.168.10.2:52574 --> 203.142.64.117:25

Wed 2021-02-10 08:43:09.470: 05: Waiting for protocol to start...
Wed 2021-02-10 08:43:09.480: 02: <-- 220 awtmx2.sophos.id ESMTP ready.
Wed 2021-02-10 08:43:09.483: 03: --> EHLO webmail.pttdp.com
Wed 2021-02-10 08:43:09.486: 02: <-- 250-awtmx2.sophos.id Hello 
webmail.pttdp.com [117.102.88.187]

Wed 2021-02-10 08:43:09.486: 02: <-- 250-SIZE 20971520
Wed 2021-02-10 08:43:09.486: 02: <-- 250-8BITMIME
Wed 2021-02-10 08:43:09.486: 02: <-- 250-PIPELINING
Wed 2021-02-10 08:43:09.486: 02: <-- 250-AUTH PLAIN LOGIN
Wed 2021-02-10 08:43:09.486: 02: <-- 250-STARTTLS
Wed 2021-02-10 08:43:09.486: 02: <-- 250 HELP
Wed 2021-02-10 08:43:09.486: 03: --> STARTTLS
Wed 2021-02-10 08:43:09.491: 02: <-- 220 TLS go ahead
Wed 2021-02-10 08:43:09.643: 04: *  SSL negotiation failed, error code 
0x8009030f
Wed 2021-02-10 08:43:09.643: 04: *  203.142.64.117 added to temporary 
SSL white list; will retry delivery soon

Wed 2021-02-10 08:43:09.644: 05: Attempting to send message to smart host
Wed 2021-02-10 08:43:09.644: 05: Attempting SMTP connection to 
secure.emailsrvr.com
Wed 2021-02-10 08:43:09.644: 05: *  secure.emailsrvr.com found in 
internal  lookup black-list
Wed 2021-02-10 08:43:09.644: 05: Resolving A record for 
secure.emailsrvr.com (DNS Server: 203.142.82.222)...
Wed 2021-02-10 08:43:09.827: 05: *  D=secure.emailsrvr.com TTL=(5) 
A=[166.78.79.129]
Wed 2021-02-10 08:43:09.828: 05: Attempting SMTP connection to 
166.78.79.129:25

Wed 2021-02-10 08:43:09.828: 05: Waiting for socket connection...
Wed 2021-02-10 08:43:10.053: 05: *  Connection established 
192.168.10.2:52575 --> 166.78.79.129:25

Wed 2021-02-10 08:43:10.053: 05: Waiting for protocol to start...
Wed 2021-02-10 08:43:10.980: 02: <-- 220 
smtp25.relay.ord1c.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 
forbids use of this system for unsolicited bulk electronic mail (Spam)

Wed 2021-02-10 08:43:10.983: 03: --> EHLO webmail.pttdp.com
Wed 2021-02-10 08:43:11.208: 02: <-- 250-smtp25.relay.ord1c.emailsrvr.com
Wed 2021-02-10 08:43:11.208: 02: <-- 250-PIPELINING
Wed 2021-02-10 08:43:11.208: 02: <-- 250-SIZE 7500
Wed 2021-02-10 08:43:11.208: 02: <-- 250-ETRN
Wed 2021-02-10 08:43:11.208: 02: <-- 250-STARTTLS
Wed 2021-02-10 08:43:11.208: 02: <-- 250-AUTH PLAIN LOGIN
Wed 2021-02-10 08:43:11.208: 02: <-- 250-AUTH=PLAIN LOGIN
Wed 2021-02-10 08:43:11.208: 02: <-- 250-ENHANCEDSTATUSCODES
Wed 2021-02-10 08:43:11.208: 02: <-- 250 8BITMIME
Wed 2021-02-10 08:43:11.208: 03: --> STARTTLS
Wed 2021-02-10 08:43:11.432: 02: <-- 220 2.0.0 Ready to start TLS
Wed 2021-02-10 08:43:11.904: 01: SSL negotiation successful (TLS 1.2, 
256 bit key exchange, 256 bit AES encryption)
Wed 2021-02-10 08:43:11.909: 01: SSL certificate is valid (matches 
secure.emailsrvr.com and is signed by recognized CA)

Wed 2021-02-10 08:43:11.909: 03: --> EHLO webmail.pttdp.com
Wed 2021-02-10 08:43:12.134: 02: <-- 250-smtp25.relay.ord1c.emailsrvr.com
Wed 2021-02-10 08:43:12.134: 02: <-- 250-PIPELINING
Wed 2021-02-10 08:43:12.134: 02: <-- 250-SIZE 7500
Wed 2021-02-10 08:43:12.134: 02: <-- 250-ETRN
Wed 2021-02-10 08:43:12.134: 02: <-- 250-AUTH PLAIN LOGIN
Wed 2021-02-10 08:43:12.135: 02: <-- 250-AUTH=PLAIN LOGIN
Wed 2021-02-10 08:43:12.135: 02: <-- 250-ENHANCEDSTATUSCODES
Wed 2021-02-10 08:43:12.135: 02: <

[mdaemon-l] SSL Negotiation Failed

2021-02-09 Terurut Topik Syafril Hermansyah via mdaemon-l

On 10/02/21 09.26, Ivan wrote:
> Pak kalau SSL Negotiation Failed biasanya kenapa ya ?


Berikan lognya yang lengkap 1 session, jangan dipotong-potong.
-- 
syafril

Syafril Hermansyah

MDaemon-L Moderator, run MDaemon 21.0 64bit
Mohon tidak kirim private mail (atau cc:) untuk masalah MDaemon.

Change is the end result of all true learning.
--- Leo Buscaglia



-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 20.0.3, SecurityGateway 7.0.2

[mdaemon-l] SSL Negotiation Failed

2021-02-09 Terurut Topik Ivan

Pak kalau SSL Negotiation Failed biasanya kenapa ya ? Apakah Failed krn 
disisi CBN atau disisi penerima ? sehingga message dioper ke smarthost 
tidak direct ke penerima.


Wed 2021-02-10 08:43:09.483: 03: --> EHLO webmail.pttdp.com
Wed 2021-02-10 08:43:09.486: 02: <-- 250-awtmx2.sophos.id Hello 
webmail.pttdp.com [117.102.88.187]

Wed 2021-02-10 08:43:09.486: 02: <-- 250-SIZE 20971520
Wed 2021-02-10 08:43:09.486: 02: <-- 250-8BITMIME
Wed 2021-02-10 08:43:09.486: 02: <-- 250-PIPELINING
Wed 2021-02-10 08:43:09.486: 02: <-- 250-AUTH PLAIN LOGIN
Wed 2021-02-10 08:43:09.486: 02: <-- 250-STARTTLS
Wed 2021-02-10 08:43:09.486: 02: <-- 250 HELP
Wed 2021-02-10 08:43:09.486: 03: --> STARTTLS
Wed 2021-02-10 08:43:09.491: 02: <-- 220 TLS go ahead
Wed 2021-02-10 08:43:09.643: 04: * SSL negotiation failed, error code 
0x8009030f
Wed 2021-02-10 08:43:09.643: 04: *  203.142.64.117 added to temporary 
SSL white list; will retry delivery soon

Wed 2021-02-10 08:43:09.644: 05: Attempting to send message to smart host
Wed 2021-02-10 08:43:09.644: 05: Attempting SMTP connection to 
secure.emailsrvr.com
Wed 2021-02-10 08:43:09.644: 05: *  secure.emailsrvr.com found in 
internal  lookup black-list
Wed 2021-02-10 08:43:09.644: 05: Resolving A record for 
secure.emailsrvr.com (DNS Server: 203.142.82.222)...
Wed 2021-02-10 08:43:09.827: 05: *  D=secure.emailsrvr.com TTL=(5) 
A=[166.78.79.129]
Wed 2021-02-10 08:43:09.828: 05: Attempting SMTP connection to 
166.78.79.129:25

Wed 2021-02-10 08:43:09.828: 05: Waiting for socket connection...
Wed 2021-02-10 08:43:10.053: 05: *  Connection established 
192.168.10.2:52575 --> 166.78.79.129:25

Wed 2021-02-10 08:43:10.053: 05: Waiting for protocol to start...
Wed 2021-02-10 08:43:10.980: 02: <-- 220 
smtp25.relay.ord1c.emailsrvr.com ESMTP - VA Code Section 18.2-152.3:1 
forbids use of this system for unsolicited bulk electronic mail (Spam)

Wed 2021-02-10 08:43:10.983: 03: --> EHLO webmail.pttdp.com
Wed 2021-02-10 08:43:11.208: 02: <-- 250-smtp25.relay.ord1c.emailsrvr.com

--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir: MDaemon 20.0.3, SecurityGateway 7.0.2

[mdaemon-l] SSL negotiation failed

2018-11-15 Terurut Topik Syafril Hermansyah

On 15/11/18 14.53, Dedet Saputra (dedetsapu...@kobexindo.com) wrote:
> kalau error kirim email seperti ini kenapa ya, padahal sebelumnya bisa
> kirim.
> 
>  Wed 2018-11-07 13:08:50: <-- 220 TLS go ahead
>  Wed 2018-11-07 13:08:50: SSL negotiation failed, error code 0x80090308
>  Wed 2018-11-07 13:08:50: This message is 2 days old; it has 0 days left to 
> get delivered


Koneksi time out saat handshaking smtp/tls, akibat ssl algoritma tidak
sesuai.

Upgrade Windows OS Anda dan upgrade MDaemon agar bisa menggunakan
SMTP/TLS dengan Schannel Protocol TLS 1.2.

lihat ke artikel arsip berikut

https://www.mail-archive.com/mdaemon-l@dutaint.com/msg43010.html
https://www.mail-archive.com/mdaemon-l@dutaint.com/msg43011.html

sementara belum diupgrade maka non aktifkan koneksi smtp/tls saat
pengiriman.

http://mdaemon.dutaint.co.id/mdaemon/18.5/index.html?ssl_mdaemon.htm

[ ] SMTP server sends mail using STARTTLS when possible


-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 18.5.1-64 bit
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

Banyak yang tidak menyadari bahwa untuk bisa menjadi pemimpin yang baik
sebenarnya harus pernah membuktikan dirinya pernah menjadi orang yang
dipimpin.
--- Dahlan Iskan


-- 
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 18.5.1, SG 5.5.0

[mdaemon-l] SSL negotiation failed

2018-11-14 Terurut Topik Dedet Saputra


Yth Pak Syafril,

kalau error kirim email seperti ini kenapa ya, padahal sebelumnya bisa 
kirim.


MDaemon Delivery Status Notification -http://www.altn.com/dsn/
--

The attached message had PERMANENT fatal delivery errors.

After one or more unsuccessful delivery attempts the attached message has
been removed from the MDaemon mail queue on this server.  The number and
frequency of delivery attempts are determined by local configuration.

--
YOUR MESSAGE WAS NOT DELIVERED TO ONE OR MORE RECIPIENTS
--

Failed address:i...@idwebhost.com

--- Session Transcript ---
 Wed 2018-11-07 13:08:48: Session 053485; child 0001
 Wed 2018-11-07 13:08:48: Parsing message 

 Wed 2018-11-07 13:08:48: *  From:dedetsapu...@kobexindo.com
 Wed 2018-11-07 13:08:48: *  To:i...@idwebhost.com
 Wed 2018-11-07 13:08:48: *  Subject: Re: Request Faktur Pajak 
kobexindotower.com
 Wed 2018-11-07 13:08:48: *  Size (bytes): 212147
 Wed 2018-11-07 13:08:48: *  
Message-ID:<8f2fbd5c-821e-3bd0-0015-8ab6c94ba...@kobexindo.com>
 Wed 2018-11-07 13:08:48: Attempting SMTP connection to [idwebhost.com]
 Wed 2018-11-07 13:08:48: Resolving MX records for [idwebhost.com] (DNS Server: 
202.150.128.65)...
 Wed 2018-11-07 13:08:48: *  P=000 S=000 D=idwebhost.com TTL=(3) 
MX=[idwebhost.com]
 Wed 2018-11-07 13:08:48: Attempting SMTP connection to [idwebhost.com:25]
 Wed 2018-11-07 13:08:49: Resolving A record for [idwebhost.com] (DNS Server: 
202.150.128.65)...
 Wed 2018-11-07 13:08:49: *  D=idwebhost.com TTL=(3) A=[202.52.147.85]
 Wed 2018-11-07 13:08:49: Attempting SMTP connection to [202.52.147.85:25]
 Wed 2018-11-07 13:08:49: Waiting for socket connection...
 Wed 2018-11-07 13:08:49: *  Connection established (202.150.137.87:58608 -> 
202.52.147.85:25)
 Wed 2018-11-07 13:08:49: Waiting for protocol to start...
 Wed 2018-11-07 13:08:49: <-- 220-migrate.idwebhost.com ESMTP Exim 4.91 #1 Wed, 
07 Nov 2018 13:08:43 +0700
 Wed 2018-11-07 13:08:49: <-- 220-We do not authorize the use of this system to 
transport unsolicited,
 Wed 2018-11-07 13:08:49: <-- 220 and/or bulk e-mail.
 Wed 2018-11-07 13:08:49: --> EHLO mailhub.kobexindo.com
 Wed 2018-11-07 13:08:49: <-- 250-migrate.idwebhost.com Hello 
mailhub.kobexindo.com [202.150.137.87]
 Wed 2018-11-07 13:08:49: <-- 250-SIZE 52428800
 Wed 2018-11-07 13:08:49: <-- 250-8BITMIME
 Wed 2018-11-07 13:08:49: <-- 250-PIPELINING
 Wed 2018-11-07 13:08:49: <-- 250-AUTH PLAIN LOGIN
 Wed 2018-11-07 13:08:49: <-- 250-STARTTLS
 Wed 2018-11-07 13:08:49: <-- 250 HELP
 Wed 2018-11-07 13:08:49: --> STARTTLS
 Wed 2018-11-07 13:08:50: <-- 220 TLS go ahead
 Wed 2018-11-07 13:08:50: SSL negotiation failed, error code 0x80090308
 Wed 2018-11-07 13:08:50: This message is 2 days old; it has 0 days left to get 
delivered
--- End Transcript ---


--
Signature Email Salam,
Dedet Saputra

--
--[mdaemon-l]--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server di Indonesia

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Berlangganan: Kirim mail ke mdaemon-l-subscr...@dutaint.com
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 18.5.1, SG 5.5.0

[MDaemon-L] SSL negotiation failed

2017-10-06 Terurut Topik Syafril Hermansyah

On 06/10/17 13:52, Muhammad Rosyad wrote:
> Mohon pencerahannya untuk pesan error berikut ini:


> *  SSL negotiation failed, error code 0x80090326


error 0x80090326 artinya SEC_E_CERT_UNKNOWN atau TLS1_ALERT_BAD_CERTIFICATE.

Pakai windows OS apa?
Kalau sudah pakai Win7 keatas maka disable SSLv2 dan SSLv3 di windows.

http://www.grouppolicy.biz/2017/03/disable-ssl-v2-ssl-v3-windows-server-via-group-policy/

Untuk sementara bisa masukkan recipient host *.websitehostserver.net dan
recipient domain *.syscal.co.id kedalam STARTTLS white list.

http://mdaemon.dutaint.co.id/mdaemon/17.5/index.html?ssl_white-list.htm


-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, running MDaemon 17.5.0-64, SP 5.1-64
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

Study the past if you would define the future.
---  Confucius


-- 
--MDaemon-L--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 17.5.0, SP 5.1, OC 5.0, SG 4.5.1

[MDaemon-L] SSL negotiation failed

2017-10-05 Terurut Topik Muhammad Rosyad

Selamat siang Pak Syafril,
Mohon pencerahannya untuk pesan error berikut ini:


=  Session Transcript  =


  Session 260096; child 0001
  Parsing message 
  *  From: endik.wars...@kpi.co.id
  *  To: sept...@syscal.co.id
  *  Subject: RE: Penawaran Kalibrasi
  *  Size (bytes): 111588
  *  Message-ID: <003d01d33da3$c9acb960$5d062c20$@wars...@kpi.co.id>
  *  Route slip host: syscal.co.id
  *  Route slip port: 25
  Resolving MX record for syscal.co.id (DNS Server: 192.168.1.33)...
  *  P=000 S=000 D=syscal.co.id TTL=(178) MX=[syscal.co.id]
  Attempting SMTP connection to syscal.co.id
  *  Match to IP cache syscal.co.id 184.154.130.114
  Waiting for socket connection...
  *  Connection established 192.168.1.2:4448 --> 184.154.130.114:25
  Waiting for protocol to start...
  <-- 220-chi-rs33.websitehostserver.net ESMTP Exim 4.89 #1 Thu, 05 Oct
2017 02:04:38 -0500
  <-- 220-We do not authorize the use of this system to transport
unsolicited,
  <-- 220 and/or bulk e-mail.
  --> EHLO kpi.co.id
  <-- 250-chi-rs33.websitehostserver.net Hello kpimailsrv.kpi.co.id
[203.130.234.210]
  <-- 250-SIZE 52428800
  <-- 250-8BITMIME
  <-- 250-PIPELINING
  <-- 250-AUTH PLAIN LOGIN
  <-- 250-STARTTLS
  <-- 250 HELP
  --> STARTTLS
  <-- 220 TLS go ahead
  *  SSL negotiation failed, error code 0x80090326
  *  This message is 30 minutes old; it has 0 minutes left in this queue
  Remote queue lifetime exceeded; message placed in retry queue


=End Transcript=


Terimakasih.

Salam,
Rosyad

-- 


__

Disclaimer :
__

This message is intended for the lawful recipient(s) explicitly stated in 
above only. 
It may contain confidential information prohibited for any Unauthorized use 
by any party other than the lawful addressee. The message, information and 
statement expressed herein should also be legally privileged for the lawful 
recipient(s).

If you are not the intended recipient(s) or person responsible for 
delivering it to the intended recipient(s), you must therefore be notified 
not to copy, print, distribute or take any action in reliance on it, 
directly or indirectly.
__
Please consider *ENVIRONTMENT* before PRINTING this email .
-- 
--MDaemon-L--
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.

Netiket: https://wiki.openstack.org/wiki/MailingListEtiquette
Arsip: http://mdaemon-l.dutaint.com
Dokumentasi : http://mdaemon.dutaint.co.id
Henti Langgan: Kirim mail ke mdaemon-l-unsubscr...@dutaint.com
Versi terakhir MD 17.5.0, SP 5.1, OC 5.0, SG 4.5.1

[mdaemon-l] SSL Negotiation Failed

2007-11-28 Terurut Topik Syafril Hermansyah

On 29/11/07 08:01 +07:00 Hadi/NID wrote:
> Ada beberapa Mail yg gagal terkirim karena
> SSL Negotiation failed.
> dan semua mail ditujukan ke domain stanley.co.id
> 
> Saya sudah coba create ulang SSL nya, restart server
> masih belum beres juga.
> Kira2 apa penyebabnya dan kenapa hanya bermasalah jika
> kirim ke domain tersebut.

Yg punya SSL problem itu di server tujuan, shg Anda create ulang berapa
kalipun tdk akan menyelesaikan masalah.
Kirimi SMS atau FAX ke postmasternya atau utk sementara Anda disable SSL
SMTP.

-- 
syafril
---
Syafril Hermansyah
MDaemon-L Moderators, MDaemon 9.6.3 R under WinXP
Harap tidak cc: atau kirim ke private mail untuk masalah MDaemon.

-- 
--[MDaemon-L]
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.
Mohon tidak posting dengan format HTML, pastikan selalu menggunakan Format 
Plain-text

Arsip  : 
Henti Langgan  : 
Berlangganan   : 
Versi Terakhir : MD 9.6.3, MDSP 3.0.5, MDOC 2.1.6

[mdaemon-l] SSL Negotiation Failed

2007-11-28 Terurut Topik Hadi/NID


Selamat Pagi Pak,

Ada beberapa Mail yg gagal terkirim karena
SSL Negotiation failed.
dan semua mail ditujukan ke domain stanley.co.id

Saya sudah coba create ulang SSL nya, restart server
masih belum beres juga.
Kira2 apa penyebabnya dan kenapa hanya bermasalah jika
kirim ke domain tersebut.

Berikut log nya :


Wed 2007-11-28 00:54:15: Parsing message 


Wed 2007-11-28 00:54:15: *  From: [EMAIL PROTECTED]
Wed 2007-11-28 00:54:15: *  To: [EMAIL PROTECTED]
Wed 2007-11-28 00:54:15: *  Subject: RE: pending order
Wed 2007-11-28 00:54:15: *  Message-ID: 
<[EMAIL PROTECTED]>

Wed 2007-11-28 00:54:15: Attempting SMTP connection to [stanley.co.id]
Wed 2007-11-28 00:54:15: Resolving MX records for [stanley.co.id] (DNS 
Server: 202.158.3.7)...
Wed 2007-11-28 00:54:16: *  P=005 S=001 D=stanley.co.id TTL=(15) 
MX=[mail.stanley.co.id] {203.130.194.27}
Wed 2007-11-28 00:54:16: *  P=010 S=000 D=stanley.co.id TTL=(15) 
MX=[mailgate2.telkom.net.id]

Wed 2007-11-28 00:54:16: Attempting SMTP connection to [203.130.194.27:25]
Wed 2007-11-28 00:54:16: Waiting for socket connection...
Wed 2007-11-28 00:54:18: *  Connection established (202.158.12.70:53594 
-> 203.130.194.27:25)

Wed 2007-11-28 00:54:18: Waiting for protocol to start...
Wed 2007-11-28 00:54:29: <-- 220 Welcome to Indonesia Stanley Electric 
Server ESMTP

Wed 2007-11-28 00:54:29: --> EHLO nagase.co.id
Wed 2007-11-28 00:54:31: <-- 250-Welcome to Indonesia Stanley Electric 
Server

Wed 2007-11-28 00:54:31: <-- 250-STARTTLS
Wed 2007-11-28 00:54:31: <-- 250-8BITMIME
Wed 2007-11-28 00:54:31: <-- 250 AUTH LOGIN PLAIN CRAM-MD5
Wed 2007-11-28 00:54:31: --> STARTTLS
Wed 2007-11-28 00:54:33: <-- 220 ready for tls
Wed 2007-11-28 00:54:35: SSL negotation failed, error code 0x80090326
Wed 2007-11-28 00:54:35: This message is 0 days old; it has 2 days left 
to get delivered

Wed 2007-11-28 00:54:35: SMTP session terminated (Bytes in/out: 184/29) 



--


Regards,
Hadi Purnomo



--
--[MDaemon-L]
Milis ini untuk Diskusi antar pengguna MDaemon Mail Server.
Mohon tidak posting dengan format HTML, pastikan selalu menggunakan Format 
Plain-text

Arsip  : 
Henti Langgan  : 
Berlangganan   : 
Versi Terakhir : MD 9.6.3, MDSP 3.0.5, MDOC 2.1.6

[Mdaemon-L] SSL Negotiation Failed

[Mdaemon-L] SSL Negotiation Failed

[Mdaemon-L] SSL Negotiation Failed

[Mdaemon-L] SSL Negotiation Failed

[mdaemon-l] SSL Negotiation Failed

[mdaemon-l] SSL Negotiation Failed

[mdaemon-l] SSL Negotiation Failed

[mdaemon-l] SSL Negotiation Failed

[mdaemon-l] SSL negotiation failed

[mdaemon-l] SSL negotiation failed

[MDaemon-L] SSL negotiation failed

[MDaemon-L] SSL negotiation failed

[mdaemon-l] SSL Negotiation Failed

[mdaemon-l] SSL Negotiation Failed

14 matches

Site Navigation

Mail list logo

Footer information