From owner-freebsd-chat Sun Jun 10 6:36:28 2001
Delivered-To: freebsd-chat@freebsd.org
Received: from lists.unixathome.org (lists.unixathome.org [210.48.103.158]) by hub.freebsd.org (Postfix) with ESMTP id 32E8F37B42C for ; Sun, 10 Jun 2001 06:36:08 -0700 (PDT) (envelope-from dan@langille.org)
Received: from wocker (lists.unixathome.org [210.48.103.158]) by lists.unixathome.org (8.11.1/8.11.1) with ESMTP id f5ADa1U61233; Mon, 11 Jun 2001 01:36:02 +1200 (NZST) (envelope-from dan@langille.org)
Message-Id: <200106101336.f5ADa1U61233@lists.unixathome.org>
From: "Dan Langille"
Organization: novice in training
To: Alex Zepeda
Date: Sun, 10 Jun 2001 09:36:00 -0400
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: Re: MTA authentications
Reply-To: dan@langille.org
Cc: chat@freebsd.org
References: <200106100343.f5A3hjU53739@lists.unixathome.org>; from dan@langille.org on Sat, Jun 09, 2001 at 11:43:44PM -0400
In-reply-to: <20010610045013.B556@zippy.mybox.zip>
X-mailer: Pegasus Mail for Win32 (v3.12c)
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

On 10 Jun 2001, at 4:50, Alex Zepeda wrote:

> On Sat, Jun 09, 2001 at 11:43:44PM -0400, Dan Langille wrote:
>
> > I also meant to say that it appears that this new "standard" is not
> > backwards compatible.
>
> It is very much so. SSL is implemented via smtps (and depreciated), and
> is essentially just SMTP being wrapped with SSL. TLS has been integrated
> fully into SMTP (forgot the RFC here) via the STARTTLS (STLS in POP3)
> command.
>
> Thus your MTA seems to be coerced into attempting a TLS connection (this
> is advertised w/ the EHLO response)... and it's being denied. Likely
> because of lack of certificate. If your MTA didn't support TLS at all,
> you {probably,should} see a different error message.

Interesting.
I just tried a manual message:

[dan@lists:/etc/mail] $ telnet mail.thedatasource.net 25
Trying 207.91.110.72...
Connected to mail.thedatasource.net.
Escape character is '^]'.
220 thedatasource.net ESMTP CommuniGate Pro 3.2.4
helo lists.unixathome.org
250 thedatasource.net is pleased to meet you
mail from: dan@langille.org
250 dan@langille.org sender accepted
rcpt to: piskapo@thedatasource.net
250 piskapo@thedatasource.net will leave the Internet
DATA
354 Enter mail, end with "." on a line by itself
This is a test message. Mail to you has been blocked by the following error:

Jun 11 00:31:42 lists sendmail[59846]: f583XcY11785: TLS: error: SSL_connect failed=0 (5)
Jun 11 00:31:42 lists sendmail[59846]: f583XcY11785: ruleset=tls_server, arg1=SOFTWARE, relay=dan@localhost, reject=403 4.7.0 piskapo@thedatasource.net... TLS handshake failed.
.
250 1090082 message accepted for delivery
quit
221 thedatasource.net SMTP The Data Source Network Closing - All Your e-mail Are Belong To Us!
Connection closed by foreign host.

Which appears to have worked... But when I tried to send a message to the postmaster:

Jun 11 01:29:26 lists sendmail[61162]: f5ADTOU61162: from=, size=1172, class=0, nrcpts=1, msgid=<200106101329.f5ADTOU61162@lists.unixathome.org>, proto=ESMTP, daemon=MTA, relay=lists.unixathome.org [210.48.103.158]
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: TLS: error: SSL_connect failed=0 (5)
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: ruleset=tls_server, arg1=SOFTWARE, relay=lists.unixathome.org [210.48.103.158], reject=403 4.7.0 ... TLS handshake failed.
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: to=, ctladdr= (1001/1001), delay=00:00:03, xdelay=00:00:02, mailer=esmtp, pri=31172, relay=mail.thedatasource.net. [207.91.110.72], dsn=4.0.0, stat=Deferred: 403 4.7.0 ... TLS handshake failed.

Hmmmm.
--
Dan Langille
pgpkey - finger dan@unixathome.org | http://unixathome.org/finger.php

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
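
The following is an added example, not part of the original message: a small log triage script that correlates sendmail entries by queue id to list mail deferred after a failed STARTTLS handshake, as in the log excerpt above. The sample log is constructed from the lines in the message; the mail addresses are placeholders and the final "Sent" entry is invented for contrast.

```python
import re

# Constructed sample modelled on the sendmail log lines quoted in the message.
# Mail addresses are placeholders (example.org/.net/.com); the last entry is
# an invented successful delivery, included only for contrast.
SAMPLE_LOG = """\
Jun 11 01:29:26 lists sendmail[61162]: f5ADTOU61162: from=<sender@example.org>, size=1172, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=lists.unixathome.org [210.48.103.158]
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: TLS: error: SSL_connect failed=0 (5)
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: ruleset=tls_server, arg1=SOFTWARE, relay=lists.unixathome.org [210.48.103.158], reject=403 4.7.0 <postmaster@example.net>... TLS handshake failed.
Jun 11 01:29:28 lists sendmail[61164]: f5ADTOU61162: to=<postmaster@example.net>, ctladdr=<sender@example.org> (1001/1001), delay=00:00:03, xdelay=00:00:02, mailer=esmtp, pri=31172, relay=mail.thedatasource.net. [207.91.110.72], dsn=4.0.0, stat=Deferred: 403 4.7.0 <postmaster@example.net>... TLS handshake failed.
Jun 11 01:40:02 lists sendmail[61200]: f5ADe0U61199: to=<user@example.com>, delay=00:00:02, mailer=esmtp, relay=mx.example.com. [192.0.2.10], dsn=2.0.0, stat=Sent (ok)
"""

# "sendmail[pid]: <queue id>: <rest of entry>"
ENTRY = re.compile(r"sendmail\[\d+\]: (?P<qid>\w+): (?P<rest>.*)$")
# "relay=host. [ip]" (the trailing dot on the host name is dropped)
RELAY = re.compile(r"relay=(\S+?)\.? \[([\d.]+)\]")


def tls_deferrals(log_text):
    """Map queue id -> details for mail deferred after a failed TLS handshake."""
    ssl_errors, hits = {}, {}
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue
        qid, rest = m["qid"], m["rest"]
        if rest.startswith("TLS: error:"):
            # Client-side handshake failure, logged before the delivery result.
            ssl_errors[qid] = rest[len("TLS: error:"):].strip()
        elif rest.startswith("to=") and "stat=Deferred" in rest and qid in ssl_errors:
            # Delivery line for a queue id that already logged a TLS error.
            relay = RELAY.search(rest)
            hits[qid] = {
                "to": rest[3:rest.index(",")],
                "relay": relay.group(1) if relay else None,
                "relay_ip": relay.group(2) if relay else None,
                "ssl_error": ssl_errors[qid],
            }
    return hits


if __name__ == "__main__":
    for qid, d in tls_deferrals(SAMPLE_LOG).items():
        print(f"{qid}: to={d['to']} relay={d['relay']} [{d['relay_ip']}] {d['ssl_error']}")
```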