From nobody Thu Aug 28 16:49:41 2025 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cCS716Krvz66JTX; Thu, 28 Aug 2025 16:49:49 +0000 (UTC) (envelope-from ronald@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R13" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cCS715mGHz3KKc; Thu, 28 Aug 2025 16:49:49 +0000 (UTC) (envelope-from ronald@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1756399789; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=557hkX2e3S/jlGrpe5kJe4Hrk+pcedYhUi8yl2zU6S8=; b=Oi2WihGjJSJwqm7wDnwmNbh6492Dg7TEQAyF/7OPN8G3jTSp/0lHNdzhGH5DIwkV/7w0Hv ohfMEhZon5maiz2rzZTMsoc9ylxgV5qTLxn3lMDixwK2vBUkPbRmz5zQ3jiwkT+xCcAcRC vHhSbHTorksV2ycHq2lgcjn3Gc8vr/CF/Sqzg1UyQip7RfFZIvICLrejPmWz19B/mBio4u mGEwjyqZFNPqb+F0twiHF/YGaqh9e02K0mlv3OSV//59BGObyWTb4ALYiDdePAjHqAdkHM 6Y4EE4/kDpcv57Wxeb0FH36KvBtEsklLzIKTMaWHtUc6sbE/FMhyCBy00Vn7ZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1756399789; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=557hkX2e3S/jlGrpe5kJe4Hrk+pcedYhUi8yl2zU6S8=; b=XwPTmLUM7d8uwSthABNmuAyDaPP7D+6Rd/hC06JQ9lmQr3aygTwLdO927bbS7fVhO2cE+x DG1qSeqWdnR/l4rGpLS0pCyS1wtBntp/dPjBowus/XPicPtBwNHwIbiyTpfIOFSYMZz3ev 5HjnIlk8haRx0K9ZYGP8El5ugYPE7zCDtLchbsQEU4ZjT6XDGMlWwNPOxhF9PAuobXEig2 k5G1KhNDAzDd0fl3X0pOh2y8uQVeSb3GYWznfMZcfMWOes7azCA2ukWMsiUOiuIyNM5GHG RRwwq9dGC3u+PGNEXpFFXzWCEDvrR6iToVlEscuxBO8de4QTZo2YTJjYYOfbcw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1756399789; a=rsa-sha256; cv=none; b=Gp2VlvL2f/Qcq4LIRER5JfRrxwiEDK3mprRd7Xr2nbj/ziLS3nIEjqunvKIcnFpKaSHnJX Lx7wQfxBWp5uKqjrE8xqF69RRq37lm4rRMVfFsHLo/GJz4m79C/3RFPxic4l1SI+utmyti baczp4qW5hyyeamtEqU5BmUSq7q2vmiItV9yFC8Q54fSBsd60QMq3KwSqjg0yWLJHfUEU/ YMUWn9Qz6dvA3zYY35nwn/9nfTNGovQCFckUDZhu1yxXEXO6aYxUZdCtHTBCq2hGuXgWXZ M7NT2qlKOx4DhNENE6pD+0up5rRRsTllzuYPYv5MlPk+nuznPHdPgIVua9rl4Q== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from [IPV6:2001:1c00:270f:14b0:52f:733b:674f:b081] (2001-1c00-270f-14b0-052f-733b-674f-b081.cable.dynamic.v6.ziggo.nl [IPv6:2001:1c00:270f:14b0:52f:733b:674f:b081]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: ronald/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4cCS711z97zw64; Thu, 28 Aug 2025 16:49:49 +0000 (UTC) (envelope-from ronald@FreeBSD.org) Message-ID: <91944f04-24b4-4374-b147-474a59e85568@FreeBSD.org> Date: Thu, 28 Aug 2025 18:49:41 +0200 List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: mail/claws-mail: IPv6 issues: SSL handshake error To: A FreeBSD User , FreeBSD CURRENT , FreeBSD Ports References: <20250828171636.04a61a93@thor.sb211.local> Content-Language: en-US From: Ronald Klop In-Reply-To: <20250828171636.04a61a93@thor.sb211.local> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Op 28-08-2025 om 17:16 schreef A FreeBSD User: > Hello, > > I'm using mail/claws-mail for my daily work with FreeBSD (CURRENT, 14-STABLE at this time). > After switching to a working IPv6 environment I face serious connection problems with one of > my providers, to which claws-mail prefereably connects via IPv6. Sending and receiving is done > via "Use TLS" on sending an receiving (the provider, goneo.de has a dedicated introduction > configuring claws-mail I followed step by step). > > On the firewall I observe that the provider in question is connected via IPv6, while other > providers, University and others, are not, they are still with IPv4 and do not show any issues. > > claws-mail provides a log screen, but I can not make much out of it, the SMTP and/or IMAP > server is connected at the correct port and the initial handshake seems all right, but in 8 > out of 10 times the connection fails and does not get initialized due to a "TLS handshake > error". Sending emails takes sometimes 10 attempts, but then of a sudden it works flawlessly! > After running claws-mail for a couple of minutes a day, this problem seems to go away in a > mysterious way, receiving/sending works like a charm as nothing has ever been broken before > ... > > I;m floating here like a dead man in the water. The firewall / router is FreeBSD / ipfw, I > suspected this instance, but why should mail being blocked/corrupted while other connections > via IPv6 work? > > Maybe someone has some ideas what to check and where to look ... > > Thanks in advance, > oh > > Hi, Does it work with this provider if you force claws-mail to use ipv4? Can you reproduce the issue easily? Is it possible to reproduce it with openssl? Something like this. There are also options to choose specific TLS versions. openssl s_client -starttls imap -connect :143 -6 openssl s_client -starttls smtp -connect :25 -6 Can you tcpdump the traffic to a file and see in wireshark what is going on? Regards, Ronald.