On Thu, July 19, 2018 10:19, Viktor Dukhovni wrote:
>
> This does not look *at all* similar to me. The client sent:
>
> EHLO
> STARTTLS + TLS complete handshake
> EHLO(inside TLS encrypted stream)
> MAIL FROM: (inside TLS encrypted stream)
> RCPT
On Thu, Jul 19, 2018 at 09:14:30AM -0400, James B. Byrne wrote:
> We are encountering errors with several domains similar to the one
> reported by samba.org:
>
> Jul 18 22:36:38 mx31 postfix-p25/smtpd[17802]: lost connection after
> DATA (0 bytes) from mailroot5.namespro.ca[158.85.87.68]
> Jul
On Wed, July 11, 2018 14:13, James B. Byrne wrote:
> On Wed, July 11, 2018 11:12, Viktor Dukhovni wrote:
>> On Wed, Jul 11, 2018 at 10:13:48AM -0400, James B. Byrne wrote:
>>
>>> > The connecting client did not like one of the certificates in the
>>> > chain. Perhaps it expected to find a
On Wed, Jul 11, 2018 at 02:13:46PM -0400, James B. Byrne wrote:
> > Any logs they're willing to share would likely be enlightening.
>
> I will ask.
Please do, and ask for permission to post the results here or with
me off-list, but I would also need permission to share the logs
with the Exim
On Wed, July 11, 2018 11:12, Viktor Dukhovni wrote:
> On Wed, Jul 11, 2018 at 10:13:48AM -0400, James B. Byrne wrote:
>
>> > The connecting client did not like one of the certificates in the
>> > chain. Perhaps it expected to find a working WebPKI certificate
>> > from one of the usual suspects
On Wed, Jul 11, 2018 at 10:13:48AM -0400, James B. Byrne wrote:
> > The connecting client did not like one of the certificates in the
> > chain. Perhaps it expected to find a working WebPKI certificate
> > from one of the usual suspects ("browser bundle" public root CAs).
> >
> > You should ask
On Tue, July 10, 2018 20:35, Viktor Dukhovni wrote:
>
> The connecting client did not like one of the certificates in the
> chain. Perhaps it expected to find working a WebPKI certificate
> from one of the usual suspects ("browser bundle" public root CAs).
>
> You should ask the postmaster of
On Tue, Jul 10, 2018 at 02:26:05PM -0400, James B. Byrne wrote:
> > What is the MX hostname associated with this Postfix instance? What
> > domains does it serve? That has bearing on the TLSA records seen
> > by the connecting SMTP client.
>
> mx31.harte-lyne.ca - harte-lyne.ca /
On Tue, July 10, 2018 13:05, Fazzina, Angelo wrote:
> When you test connecting to your servers yourself do you get any
> errors ?
> Not sure if sslv3 is ok to see if using TLS ???
>
> Commands to try, just replace with your server name
> openssl s_client -connect mta5.uits.uconn.edu:465
>
On Tue, July 10, 2018 13:30, Viktor Dukhovni wrote:
> On Tue, Jul 10, 2018 at 12:55:38PM -0400, James B. Byrne wrote:
>
>> We are migrating our Postfix MX services and in the process have
>> disrupted a setup which has been very stable for the past couple of
>> years. One of the remaining items
On Tue, Jul 10, 2018 at 12:55:38PM -0400, James B. Byrne wrote:
> We are migrating our Postfix MX services and in the process have
> disrupted a setup which has been very stable for the past couple of
> years. One of the remaining items is this sort of message which only
> started very recently:
, Server Systems
860-486-9075
-Original Message-
From: owner-postfix-us...@postfix.org On
Behalf Of Fazzina, Angelo
Sent: Tuesday, July 10, 2018 1:06 PM
To: postfix-users@postfix.org
Subject: RE: STARTTLS / DANE difficulties?
When you test connecting to your servers yourself do you get
When you test connecting to your servers yourself do you get any errors ?
Not sure if sslv3 is ok to see if using TLS ???
Commands to try, just replace with your server name
openssl s_client -connect mta5.uits.uconn.edu:465
openssl s_client -starttls smtp -connect mta5.uits.uconn.edu:587
13 matches
Mail list logo