From owner-freebsd-current@freebsd.org Sun Aug 16 18:52:11 2020 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 960363C3857 for ; Sun, 16 Aug 2020 18:52:11 +0000 (UTC) (envelope-from ronald-lists@klop.ws) Received: from smarthost1.greenhost.nl (smarthost1.greenhost.nl [195.190.28.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BV5rT1JCDz3RhJ for ; Sun, 16 Aug 2020 18:52:09 +0000 (UTC) (envelope-from ronald-lists@klop.ws) Received: from smtp.greenhost.nl ([213.108.110.112]) by smarthost1.greenhost.nl with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1k7NlF-0007cC-UX for freebsd-current@freebsd.org; Sun, 16 Aug 2020 20:52:07 +0200 Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes To: freebsd-current@freebsd.org Subject: (solved) Re: dma fails to connect (error:1408F10B:SSL routines:ssl3_get_record:wrong version number) References: Date: Sun, 16 Aug 2020 20:52:04 +0200 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Ronald Klop" Message-ID: In-Reply-To: User-Agent: Opera Mail/12.16 (FreeBSD) X-Authenticated-As-Hash: 398f5522cb258ce43cb679602f8cfe8b62a256d1 X-Virus-Scanned: by clamav at smarthost1.samage.net X-Spam-Level: / X-Spam-Score: -0.4 X-Spam-Status: No, score=-0.4 required=5.0 tests=ALL_TRUSTED, BAYES_50, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF autolearn=disabled version=3.4.2 X-Scan-Signature: 12f61b0c8dc8dcc8c992b8e1fde77987 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1597603930; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=S5gQsrpMUkcLQlZa7PrVYk8vOM/aRUrEtHz8Xg1L5bo=; b=n9XTLjcnYdeaA/IKmJXdEZb3B6wgrmHw9OOJV7A3bhEI6f7wYhhdFREYD24jdLiEi0K3Nu ZJs+HAktJq8OtOw+rvb0GJUeXQg78iqX3DSvjdMUZj0X3nKtAbMyrHA+PS5Xk7TKZuYe6K 7xpMW1eYQ8WtYEGeVWxqML2oaSa1o0pffw8HZ8nsoeY43gD2u1aj4tHXAXb67cx58Q2o1x nNsJA+YcWKjM+3oJV1xyVpEGQkS2WgHETQaRTHXEUS3FB3YF42rTzFbXbdr0YiwBu5CXke SLmcO5IvSO5l9VL8lo+5zjqIxz/ug8q2+s4DoQvI/2imVkiBnmrO2Iu402wqXg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1597603930; a=rsa-sha256; cv=none; b=bEFXxOwkIuORFo+iBBIxfO38JzVC8UDPmNPuk/N08U07JgXulrSkmmnzv/acEl7HqcL8dl KAZqIZPoLahpkETWkT8E6cQKYBbtFwOqypnlYq8PLA0+4Ou5IkP/NLMsK++hghg3GjPRut M27UnrGpLZO2jH6tPYexiZJ/tW+bCwScwiFG3js3Qg4LO66QoQ8yCuH1AbehVSUEMq2PUa WQaIp1tCVuQAt/SRwxpyA90/XGL5mPsuWPBrVMy7HeP5ieYb5QX5oQHy3l0hI7Id2cmic6 1Lk86QLpBmoN7aPQq2YhyuCIdp+xQKAhEqRWY9MGmnn9twIfUq9iKLX9hasPxg== ARC-Authentication-Results: i=1; mx1.freebsd.org; dkim=pass header.d=klop.ws header.s=mail header.b=OaqKNaTd; spf=pass (mx1.freebsd.org: domain of ronald-lists@klop.ws designates 195.190.28.88 as permitted sender) smtp.mailfrom=ronald-lists@klop.ws X-Rspamd-Queue-Id: 4BV5rT1JCDz3RhJ X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.26 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[klop.ws:s=mail]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[195.190.28.88:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:195.190.28.64/27]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; ARC_SIGNED(0.00)[i=1]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.97)[-0.974]; DMARC_NA(0.00)[klop.ws]; DKIM_TRACE(0.00)[klop.ws:+]; NEURAL_HAM_SHORT(-0.28)[-0.281]; RCVD_IN_DNSWL_NONE(0.00)[195.190.28.88:from]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:47172, ipnet:195.190.28.0/24, country:NL]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Aug 2020 18:52:11 -0000 On Sun, 16 Aug 2020 16:44:51 +0200, Ronald Klop wrote: > Hi, > > I have uname -UK -> 1300101 1300101 in my laptop. This uses libexec/dma > as mail agent. > I have 2 jails running uname -U -> 1300101 and 1300104. All dma configs > are the same. > > In all 1300101 versions dma can deliver mail to my smarthost. On 1300104 > I get: > > Aug 16 16:29:00 freebsd13_py3 dma[385ba.800e480a0][52169]: trying remote > delivery to smtp.greenhost.nl [213.108.110.112] pref 0 > Aug 16 16:29:00 freebsd13_py3 dma[385ba.800e480a0][52169]: > SSL_client_method > Aug 16 16:29:00 freebsd13_py3 dma[385ba.800e480a0][52169]: remote > delivery deferred: SSL handshake failed fatally: error:1408F10B:SSL > routines:ssl3_get_record:wrong version number > > Any thoughts on this? > bisecting this will take me hours and hours of compilation > > Regards, > Ronald. I found the cause of the error with ngrep. My jail has an underscore in the name and the SMTP EHLO command complained about it. But the error handling in dma does not handle this error properly if STARTTLS is enabled, so communication with the server goes wrong which results in STARTTLS getting weird results later on. I proposed a fix upstream and will rename my jail to not contain an underscore in the hostname. https://github.com/corecode/dma/pull/87 Computers and all the time consuming little bugs. Arrgh. Ronald.