Date: Sun, 10 Jun 2001 09:36:00 -0400
From: "Dan Langille" <dan@langille.org>
To: Alex Zepeda <jazepeda@pacbell.net>
Cc: chat@freebsd.org
Subject: Re: MTA authentications
Message-ID: <200106101336.f5ADa1U61233@lists.unixathome.org>
In-Reply-To: <20010610045013.B556@zippy.mybox.zip>
References: <200106100343.f5A3hjU53739@lists.unixathome.org>; from dan@langille.org on Sat, Jun 09, 2001 at 11:43:44PM -0400

On 10 Jun 2001, at 4:50, Alex Zepeda wrote:

> On Sat, Jun 09, 2001 at 11:43:44PM -0400, Dan Langille wrote:
>
> > I also meant to say that it appears that this new "standard" is not
> > backwards compatible.
>
> It is very much so.  SSL is implemented via smtps (and depreciated), and
> is essentially just SMTP being wrapped with SSL.  TLS has been integrated
> fully into SMTP (forgot the RFC here) via the STARTTLS (STLS in POP3)
> command.
>
> Thus your MTA seems to be coerced into attempting a TLS connection (this
> is advertised w/ the EHLO response)... and it's being denied.  Likely
> because of lack of certificate.  If your MTA didn't support TLS at all,
> you {probably,should} see a different error message.

Interesting.  I just tried a manual message:

[dan@lists:/etc/mail] $ telnet mail.thedatasource.net 25
Trying 207.91.110.72...
Connected to mail.thedatasource.net.
Escape character is '^]'.
220 thedatasource.net ESMTP CommuniGate Pro 3.2.4
helo lists.unixathome.org
250 thedatasource.net is pleased to meet you
mail from: dan@langille.org
250 dan@langille.org sender accepted
rcpt to: piskapo@thedatasource.net
250 piskapo@thedatasource.net will leave the Internet
DATA
354 Enter mail, end with "." on a line by itself
This is a test message.  Mail to you has been blocked by the following error:

Jun 11 00:31:42 lists sendmail[59846]: f583XcY11785: TLS: error: SSL_connect failed=0 (5)
Jun 11 00:31:42 lists sendmail[59846]: f583XcY11785: ruleset=tls_server, arg1=SOFTWARE, relay=dan@localhost, reject=403 4.7.0 piskapo@thedatasource.net... TLS handshake failed.
.
250 1090082 message accepted for delivery
quit
221 thedatasource.net SMTP The Data Source Network Closing - All Your e-mail Are Belong To Us!
Connection closed by foreign host.

Which appears to have worked...

But when I tried to send a message to the postmaster:

Jun 11 01:29:26 lists sendmail[61162]: f5ADTOU61162: from=<dan@langille.org>, size=1172, class=0, nrcpts=1, msgid=<200106101329.f5ADTOU61162@lists.unixathome.org>, proto=ESMTP, daemon=MTA, relay=lists.unixathome.org [210.48.103.158]
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: TLS: error: SSL_connect failed=0 (5)
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: ruleset=tls_server, arg1=SOFTWARE, relay=lists.unixathome.org [210.48.103.158], reject=403 4.7.0 <postmaster@thedatasource.net>... TLS handshake failed.
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: to=<postmaster@thedatasource.net>, ctladdr=<dan@langille.org> (1001/1001), delay=00:00:03, xdelay=00:00:02, mailer=esmtp, pri=31172, relay=mail.thedatasource.net. [207.91.110.72], dsn=4.0.0, stat=Deferred: 403 4.7.0 <postmaster@thedatasource.net>... TLS handshake failed.

Hmmmm.

-- 
Dan Langille
pgpkey - finger dan@unixathome.org | http://unixathome.org/finger.php

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
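
Added example, not part of the original message and not sendmail's own code: a small log check that ties the "TLS: error" and tls_server reject lines to the deferred delivery sharing the same queue ID, so the remote relays failing the STARTTLS handshake can be listed. The function name tls_deferrals and the sample log (example hostnames and addresses, modelled on the lines quoted above) are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the sendmail log lines quoted in the message
# (hostnames and addresses are example values, not taken from the thread).
SAMPLE_LOG = """\
Jun 11 01:29:26 mx1 sendmail[61162]: f5ADTOU61162: from=<alice@example.org>, size=1172, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=mx1.example.org [192.0.2.10]
Jun 11 01:29:28 mx1 sendmail[61164]: f5ADTOU61162: TLS: error: SSL_connect failed=0 (5)
Jun 11 01:29:28 mx1 sendmail[61164]: f5ADTOU61162: ruleset=tls_server, arg1=SOFTWARE, relay=mx1.example.org [192.0.2.10], reject=403 4.7.0 <postmaster@example.net>... TLS handshake failed.
Jun 11 01:29:28 mx1 sendmail[61164]: f5ADTOU61162: to=<postmaster@example.net>, ctladdr=<alice@example.org> (1001/1001), delay=00:00:03, xdelay=00:00:02, mailer=esmtp, pri=31172, relay=mail.example.net. [198.51.100.72], dsn=4.0.0, stat=Deferred: 403 4.7.0 <postmaster@example.net>... TLS handshake failed.
Jun 11 01:30:02 mx1 sendmail[61170]: f5ADU1U61170: from=<alice@example.org>, size=900, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=mx1.example.org [192.0.2.10]
Jun 11 01:30:03 mx1 sendmail[61172]: f5ADU1U61170: to=<bob@example.com>, ctladdr=<alice@example.org> (1001/1001), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30900, relay=mail.example.com. [203.0.113.5], dsn=2.0.0, stat=Sent (ok)
"""

# "sendmail[pid]: <queue id>: <rest of line>"
LINE = re.compile(r"sendmail\[\d+\]: (?P<qid>\w+): (?P<body>.*)$")
# Delivery record: recipient, remote relay and final status
TO = re.compile(r"to=(?P<rcpt><[^>]+>).*?relay=(?P<relay>\S+).*?stat=(?P<stat>\w+)")


def tls_deferrals(log_text):
    """Return [(queue_id, recipient, remote_relay)] for deliveries that were
    deferred and whose queue ID also logged a client-side TLS failure."""
    tls_error = set()
    deliveries = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        qid, body = m["qid"], m["body"]
        # Either the handshake error itself or the tls_server ruleset rejecting
        if body.startswith("TLS: error") or (
                "ruleset=tls_server" in body and "reject=" in body):
            tls_error.add(qid)
        d = TO.match(body)
        if d:
            deliveries[qid].append(
                (d["rcpt"], d["relay"].rstrip(".,"), d["stat"]))
    return [(qid, rcpt, relay)
            for qid, rows in deliveries.items() if qid in tls_error
            for rcpt, relay, stat in rows if stat == "Deferred"]


if __name__ == "__main__":
    for qid, rcpt, relay in tls_deferrals(SAMPLE_LOG):
        print(f"{qid}: {rcpt} deferred, TLS handshake with {relay} failed")
```
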