From owner-freebsd-questions@FreeBSD.ORG Fri Nov 8 09:48:07 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 3940614D for ; Fri, 8 Nov 2013 09:48:07 +0000 (UTC) (envelope-from ml@netfence.it) Received: from smtp.eutelia.it (mp1-smtp-6.eutelia.it [62.94.10.166]) by mx1.freebsd.org (Postfix) with ESMTP id B65B92CDC for ; Fri, 8 Nov 2013 09:48:06 +0000 (UTC) Received: from ns2.biolchim.it (ip-188-188.sn2.eutelia.it [83.211.188.188]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.eutelia.it (Eutelia) with ESMTP id 227896A8D62 for ; Fri, 8 Nov 2013 10:47:59 +0100 (CET) Received: from soth.ventu (adsl-ull-240-148.41-151.net24.it [151.41.148.240]) (authenticated bits=0) by ns2.biolchim.it (8.14.7/8.14.7) with ESMTP id rA89lktd011592 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 8 Nov 2013 10:47:51 +0100 (CET) (envelope-from ml@netfence.it) X-Authentication-Warning: ns2.biolchim.it: Host adsl-ull-240-148.41-151.net24.it [151.41.148.240] claimed to be soth.ventu Received: from alamar.ventu (alamar.ventu [10.1.2.18]) by soth.ventu (8.14.7/8.14.7) with ESMTP id rA89lePB007383; Fri, 8 Nov 2013 10:47:40 +0100 (CET) (envelope-from ml@netfence.it) Message-ID: <527CB33C.5090804@netfence.it> Date: Fri, 08 Nov 2013 10:47:40 +0100 From: Andrea Venturoli User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 MIME-Version: 1.0 To: "R. Scott Evans" Subject: Re: [Half OT] Mavericks' Mail and SSL References: <52718078.8080702@netfence.it> <5272C747.8030805@rsle.net> <5273EF3F.8040307@netfence.it> <5273FD23.7090207@rsle.net> <527554CE.1040605@netfence.it> <527905F3.6020501@rsle.net> In-Reply-To: <527905F3.6020501@rsle.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.4.3 (ns2.biolchim.it [192.168.2.203]); Fri, 08 Nov 2013 10:47:51 +0100 (CET) X-Scanned-By: MIMEDefang 2.74 Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Nov 2013 09:48:07 -0000 On 11/05/13 15:51, R. Scott Evans wrote: > I'm using a CA signed certificate. So I suspect this might be the cause... I'll see if I can try with a CA signed certificate. > It's worth mentioning I also do SMTP Auth Me too, but I don't get that far. The connection is lost long before the HELO stage. > I only edit the .mc and let sendmail generate the .cf from that so I've > included the relevant portions of the .mc instead (below). > ... Look similar enough to mine... but I'll check better when I can. Meanwhile, I was able to get an ssldump: New TCP connection #1: xxxx.xxxxxx(51073) <-> host-43-19.xxxx.it(465) 1 1 0.0051 (0.0051) C>S Handshake ClientHello Version 3.1 cipher suites Unknown value 0xff Unknown value 0xc024 Unknown value 0xc023 Unknown value 0xc00a Unknown value 0xc009 Unknown value 0xc007 Unknown value 0xc008 Unknown value 0xc028 Unknown value 0xc027 Unknown value 0xc014 Unknown value 0xc013 Unknown value 0xc011 Unknown value 0xc012 Unknown value 0xc026 Unknown value 0xc025 Unknown value 0xc02a Unknown value 0xc029 Unknown value 0xc005 Unknown value 0xc004 Unknown value 0xc002 Unknown value 0xc003 Unknown value 0xc00f Unknown value 0xc00e Unknown value 0xc00c Unknown value 0xc00d Unknown value 0x3d Unknown value 0x3c Unknown value 0x2f TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 Unknown value 0x35 TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_NULL_SHA Unknown value 0x6b Unknown value 0x33 Unknown value 0x39 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA compression methods NULL 1 2 0.0077 (0.0026) S>C Handshake ServerHello Version 3.1 session_id[32]= e9 8a 9b b2 8b ca b4 bb 51 89 a7 94 8a 87 29 bb c1 bd f2 8e 05 03 3b 92 33 ca 32 53 d2 3b ce d9 cipherSuite Unknown value 0x2f compressionMethod NULL 1 3 0.0077 (0.0000) S>C Handshake Certificate 1 4 0.0077 (0.0000) S>C Handshake CertificateRequest certificate_types rsa_sign certificate_types dss_sign certificate_types unknown value certificate_authority 30 81 8f 31 0b 30 09 06 03 55 04 06 13 02 49 54 31 10 30 0e 06 03 55 04 08 13 07 42 6f 6c 6f 67 6e 61 31 25 30 23 06 03 55 04 0a 13 1c 4e 65 74 46 65 6e 63 65 20 64 69 20 56 65 6e 74 75 72 6f 6c 69 20 41 6e 64 72 65 61 31 22 30 20 06 03 55 04 03 13 19 4e 65 74 46 65 6e 63 65 20 72 6f 6f 74 20 63 65 72 74 69 66 69 63 61 74 65 31 23 30 21 06 09 2a 86 48 86 f7 0d 01 09 01 16 14 70 72 6f 62 6c 65 6d 73 40 6e 65 74 66 65 6e 63 65 2e 69 74 ServerHelloDone 1 0.0711 (0.0633) C>S TCP FIN 1 0.0713 (0.0002) S>C TCP FIN New TCP connection #2: xxxx.xxxxxx(51074) <-> host-43-19.xxxx.it(465) If anyone could make something out of this... bye & Thanks av.