Re: [Evolution] Postfix TLS and Evolution

From: Franck Routier <franck routier axege com>
To: evolution-list gnome org
Subject: Re: [Evolution] Postfix TLS and Evolution
Date: Fri, 16 Dec 2005 15:05:16 +0100

Pete Biggs a écrit :

Surely the relaying of mail is determined by your server, not the client
- what are the error messages on the server?

Here is the log on the server of a failed attempt to send mail fromEvolution :

Dec 16 14:33:35 localhost postfix/smtpd[5395]: initializing theserver-side TLS engineDec 16 14:33:35 localhost postfix/smtpd[5395]: connect frommygate.com[xx.xx.xx.xx]Dec 16 14:33:35 localhost postfix/smtpd[5395]: setting up TLS connectionfrom mygate.com[xx.xx.xx.xx]Dec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:before/acceptinitializationDec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:error inSSLv2/v3 read client hello ADec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:error inSSLv2/v3 read client hello BDec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 readclient hello ADec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 writeserver hello ADec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 writecertificate ADec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 writecertificate request A

Dec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 flush data

Dec 16 14:33:35 localhost postfix/smtpd[5395]: SSL_accept:error in SSLv3read client certificate A

Dec 16 14:33:36 localhost last message repeated 2 times

Dec 16 14:33:36 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 readclient certificate ADec 16 14:33:36 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 readclient key exchange ADec 16 14:33:36 localhost postfix/smtpd[5395]: SSL_accept:error in SSLv3read certificate verify A <-----------this seems to be the pointwhere it fails

Dec 16 14:33:36 localhost last message repeated 3 times

Dec 16 14:33:36 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 readfinished ADec 16 14:33:36 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 writechange cipher spec ADec 16 14:33:36 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 writefinished A

Dec 16 14:33:36 localhost postfix/smtpd[5395]: SSL_accept:SSLv3 flush data

Dec 16 14:33:36 localhost postfix/smtpd[5395]: TLS connectionestablished from mygate.com[xx.xx.xx.xx]: TLSv1 with cipher RC4-MD5(128/128 bits)Dec 16 14:33:36 localhost postfix/smtpd[5395]: NOQUEUE: reject: RCPTfrom mygate.com[xx.xx.xx.xx]: 554 <myfriend dest org>: Relay accessdenied; from=<franck routier axege com> to=<myfriend dest org>proto=ESMTP helo=<[yy.yy.yy.yy]>Dec 16 14:33:37 localhost postfix/smtpd[5395]: disconnect frommygate.com[xx.xx.xx.xx]

and this is a succesful attempt, from Mozilla, with the excact samecertificate :

Dec 16 14:13:57 localhost postfix/smtpd[5364]: initializing theserver-side TLS engineDec 16 14:13:57 localhost postfix/smtpd[5364]: connect frommygate.com[xx.xx.xx.xx]Dec 16 14:13:57 localhost postfix/smtpd[5364]: setting up TLS connectionfrom mygate.com[xx.xx.xx.xx]Dec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:before/acceptinitializationDec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:error inSSLv2/v3 read client hello ADec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:error in SSLv3read client hello BDec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:error in SSLv3read client hello BDec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 readclient hello BDec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 writeserver hello ADec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 writecertificate ADec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 writekey exchange ADec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 writecertificate request A

Dec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 flush data

Dec 16 14:13:57 localhost postfix/smtpd[5364]: SSL_accept:error in SSLv3read client certificate A

Dec 16 14:14:03 localhost last message repeated 2 times

Dec 16 14:14:03 localhost postfix/smtpd[5364]: certificate verificationdepth=1 subject=/C=FR/ST=Auvergne/L=Clermont-Ferrand/O=AxegeSarl/CN=Axege Sarl Root CA/emailAddress=franck routier axege com

Dec 16 14:14:03 localhost postfix/smtpd[5364]: verify return: 1

Dec 16 14:14:03 localhost postfix/smtpd[5364]: certificate verificationdepth=0 subject=/C=FR/ST=Auvergne/L=Clermont-Ferrand/O=AxegeSarl/CN=franck routier axege com/emailAddress=franck routier axege com

Dec 16 14:14:03 localhost postfix/smtpd[5364]: verify return: 1

Dec 16 14:14:03 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 readclient certificate ADec 16 14:14:03 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 readclient key exchange ADec 16 14:14:03 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 readcertificate verify ADec 16 14:14:03 localhost postfix/smtpd[5364]: SSL_accept:error in SSLv3read finished A

Dec 16 14:14:03 localhost last message repeated 3 times

Dec 16 14:14:03 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 readfinished ADec 16 14:14:03 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 writechange cipher spec ADec 16 14:14:03 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 writefinished A

Dec 16 14:14:03 localhost postfix/smtpd[5364]: SSL_accept:SSLv3 flush data

Dec 16 14:14:03 localhost postfix/smtpd[5364]:subject=/C=FR/ST=Auvergne/L=Clermont-Ferrand/O=AxegeSarl/CN=franck routier axege com/emailAddress=franck routier axege comDec 16 14:14:03 localhost postfix/smtpd[5364]:issuer=/C=FR/ST=Auvergne/L=Clermont-Ferrand/O=Axege Sarl/CN=Axege SarlRoot CA/emailAddress=franck routier axege comDec 16 14:14:03 localhost postfix/smtpd[5364]:fingerprint=BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BB:BBDec 16 14:14:03 localhost postfix/smtpd[5364]: Verified:subject_CN=franck routier axege com, issuer=Axege Sarl Root CADec 16 14:14:03 localhost postfix/smtpd[5364]: TLS connectionestablished from mygate.com[xx.xx.xx.xx]: TLSv1 with cipherDHE-RSA-AES256-SHA (256/256 bits)Dec 16 14:14:03 localhost postfix/smtpd[5364]: 6A1B7E3C37:client=mygate.com[xx.xx.xx.xx]Dec 16 14:14:03 localhost postfix/cleanup[5369]: 6A1B7E3C37:message-id=<43A2BDFC 10506 axege com>Dec 16 14:14:03 localhost postfix/qmgr[5269]: 6A1B7E3C37:from=<franck routier axege com>, size=549, nrcpt=1 (queue active)Dec 16 14:14:03 localhost postfix/smtpd[5373]: initializing theserver-side TLS engineDec 16 14:14:03 localhost postfix/smtpd[5364]: disconnect frommygate.com[xx.xx.xx.xx]Dec 16 14:14:03 localhost postfix/smtpd[5373]: connect fromlocalhost.localdomain[127.0.0.1]Dec 16 14:14:03 localhost postfix/smtpd[5373]: C45CCE3C3A:client=localhost.localdomain[127.0.0.1]Dec 16 14:14:03 localhost postfix/cleanup[5369]: C45CCE3C3A:message-id=<43A2BDFC 10506 axege com>Dec 16 14:14:03 localhost postfix/qmgr[5269]: C45CCE3C3A:from=<franck routier axege com>, size=982, nrcpt=1 (queue active)Dec 16 14:14:03 localhost postfix/smtpd[5373]: disconnect fromlocalhost.localdomain[127.0.0.1]

References:
- [Evolution] Postfix TLS and Evolution
  - From: Franck Routier
- Re: [Evolution] Postfix TLS and Evolution
  - From: Pete Biggs
- Re: [Evolution] Postfix TLS and Evolution
  - From: Franck Routier
- Re: [Evolution] Postfix TLS and Evolution
  - From: Pete Biggs
- Re: [Evolution] Postfix TLS and Evolution
  - From: Franck Routier

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]