Re: gmail and opportunistic encryption failing

2020-02-03 Thread ED Fochler
Matt,

I can find no such problem on my server from the same time period.
Test e-mail went through without hesitation. Gmail is very dynamic and you can
get rate-limited if you try to send mail that they consider spam. I regularly
flush Gmail-bound mail that Gmail has already rejected at least once so that it
doesn't contribute to my bounce rate. Gmail servers usually reply with helpful
comments, though.

ED.


> On 2020, Jan 31, at 2:03 PM, Matt Schwartz  wrote:
> 
> Hello list,
> 
> Today I just noticed something in my maillog that I figured I should report. 
> The log output is sanitized.
> Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp connected address= host=mail.example.com
> Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp tls ciphers=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256
> Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp authentication user=u...@example.com result=ok
> Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp message msgid=69f7f6f7 size=1935 nrcpt=1 proto=ESMTP
> Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp envelope evpid=69f7f6f7bd1f34a9 from= to=
> Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp disconnected reason=quit
> Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connecting address=smtp://173.194.206.27:25 host=qj-in-f27.1e100.net
> Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connected
> Jan 31 13:31:23 meow smtpd[12615]: smtp-out: Error on session fe92e7693154957a: opportunistic TLS failed, downgrading to plain
> Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connecting address=smtp+notls://173.194.206.27:25 host=qj-in-f27.1e100.net
> Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connected
> Jan 31 13:31:24 meow smtpd[12615]: fe92e7693154957a mta delivery evpid=69f7f6f7bd1f34a9 from= to= rcpt=<-> source="" relay="173.194.206.27 (qj-in-f27.1e100.net)" delay=1s result="Ok" stat="250 2.0.0 OK  1580495484 x5si6993135qki.322 - gsmtp"
> Jan 31 13:31:34 meow smtpd[12615]: fe92e7693154957a mta disconnected reason=quit messages=1
> 
> I am inclined to believe that this is gmail's screw-up because test emails 
> sent to Outlook, GMX, Yahoo, and AOL deliver over TLS 1.2 perfectly. I am 
> wondering if this is happening to others. If it isn't, I will try changing my 
> server's IP address. I am running OpenSMTPD 6.6.2 on OpenBSD-current.
> 
> Thanks,
> Matt




gmail and opportunistic encryption failing

2020-01-31 Thread Matt Schwartz
Hello list,

Today I just noticed something in my maillog that I figured I should
report. The log output is sanitized.
Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp connected address= host=mail.example.com
Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp tls ciphers=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256
Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp authentication user=u...@example.com result=ok
Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp message msgid=69f7f6f7 size=1935 nrcpt=1 proto=ESMTP
Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp envelope evpid=69f7f6f7bd1f34a9 from= to=
Jan 31 13:31:23 meow smtpd[12615]: fe92e766062cfe9b smtp disconnected reason=quit
Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connecting address=smtp://173.194.206.27:25 host=qj-in-f27.1e100.net
Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connected
Jan 31 13:31:23 meow smtpd[12615]: smtp-out: Error on session fe92e7693154957a: opportunistic TLS failed, downgrading to plain
Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connecting address=smtp+notls://173.194.206.27:25 host=qj-in-f27.1e100.net
Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connected
Jan 31 13:31:24 meow smtpd[12615]: fe92e7693154957a mta delivery evpid=69f7f6f7bd1f34a9 from= to= rcpt=<-> source="" relay="173.194.206.27 (qj-in-f27.1e100.net)" delay=1s result="Ok" stat="250 2.0.0 OK  1580495484 x5si6993135qki.322 - gsmtp"
Jan 31 13:31:34 meow smtpd[12615]: fe92e7693154957a mta disconnected reason=quit messages=1

I am inclined to believe that this is gmail's screw-up because test emails
sent to Outlook, GMX, Yahoo, and AOL deliver over TLS 1.2 perfectly. I am
wondering if this is happening to others. If it isn't, I will try changing
my server's IP address. I am running OpenSMTPD 6.6.2 on OpenBSD-current.

Thanks,
Matt
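
Added example, not part of the original thread and not OpenSMTPD code: a small maillog scan that correlates the "opportunistic TLS failed, downgrading to plain" error with the later `smtp+notls` delivery on the same session ID, so accepted cleartext deliveries can be listed per relay. The function name and the second sample session are assumptions made for illustration; the first session is the one from the post with its wrapped lines rejoined.

```python
import re

# Session fe92e7693154957a is copied from the post (wrapped lines rejoined);
# session aaaa000000000001 is constructed for contrast and never downgrades.
SAMPLE = '''\
Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connecting address=smtp://173.194.206.27:25 host=qj-in-f27.1e100.net
Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connected
Jan 31 13:31:23 meow smtpd[12615]: smtp-out: Error on session fe92e7693154957a: opportunistic TLS failed, downgrading to plain
Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connecting address=smtp+notls://173.194.206.27:25 host=qj-in-f27.1e100.net
Jan 31 13:31:23 meow smtpd[12615]: fe92e7693154957a mta connected
Jan 31 13:31:24 meow smtpd[12615]: fe92e7693154957a mta delivery evpid=69f7f6f7bd1f34a9 from= to= rcpt=<-> source="" relay="173.194.206.27 (qj-in-f27.1e100.net)" delay=1s result="Ok" stat="250 2.0.0 OK  1580495484 x5si6993135qki.322 - gsmtp"
Jan 31 13:32:10 meow smtpd[12615]: aaaa000000000001 mta connecting address=smtp://192.0.2.10:25 host=mx.example.net
Jan 31 13:32:10 meow smtpd[12615]: aaaa000000000001 mta connected
Jan 31 13:32:11 meow smtpd[12615]: aaaa000000000001 mta delivery evpid=1111111122222222 from= to= rcpt=<-> source="" relay="192.0.2.10 (mx.example.net)" delay=1s result="Ok" stat="250 2.0.0 OK"
'''

# The session ID either starts the message or follows "Error on session".
LINE = re.compile(r'smtpd\[\d+\]: (?:smtp-out: Error on session )?'
                  r'(?P<sid>[0-9a-f]{16}):? (?P<rest>.*)')

def find_plaintext_deliveries(lines):
    """Return accepted outbound deliveries that were made over smtp+notls."""
    sessions, findings = {}, []
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        sid, rest = m.group("sid"), m.group("rest")
        st = sessions.setdefault(sid, {"downgraded": False, "notls": False})
        if "opportunistic TLS failed" in rest:
            st["downgraded"] = True
        elif rest.startswith("mta connecting"):
            # Track the scheme of the most recent connection attempt.
            scheme = re.search(r"address=([a-z+]+)://", rest)
            st["notls"] = bool(scheme) and scheme.group(1) == "smtp+notls"
        elif (rest.startswith("mta delivery") and st["notls"]
              and 'result="Ok"' in rest):
            relay = re.search(r'relay="([^"]*)"', rest)
            evpid = re.search(r"evpid=([0-9a-f]+)", rest)
            findings.append({"session": sid,
                             "evpid": evpid.group(1) if evpid else None,
                             "relay": relay.group(1) if relay else None,
                             "downgraded": st["downgraded"]})
    return findings

if __name__ == "__main__":
    for f in find_plaintext_deliveries(SAMPLE.splitlines()):
        print("cleartext delivery:", f)
```
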