From owner-freebsd-questions@FreeBSD.ORG  Fri Dec 30 16:53:24 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 27CA3106566B
	for <freebsd-questions@freebsd.org>;
	Fri, 30 Dec 2011 16:53:24 +0000 (UTC) (envelope-from mark@msen.com)
Received: from shell.msen.com (msen.com [148.59.86.2])
	by mx1.freebsd.org (Postfix) with ESMTP id E55298FC1C
	for <freebsd-questions@freebsd.org>;
	Fri, 30 Dec 2011 16:53:23 +0000 (UTC)
X-Sent-To: freebsd-questions@freebsd.org
Received: from [192.168.2.14] (99-170-102-4.lightspeed.livnmi.sbcglobal.net
	[99.170.102.4]) (authenticated bits=0)
	by shell.msen.com (8.14.3/8.14.3) with ESMTP id pBUGrML6045670;
	Fri, 30 Dec 2011 11:53:23 -0500 (EST) (envelope-from mark@msen.com)
Message-ID: <4EFDEC79.9070403@msen.com>
Date: Fri, 30 Dec 2011 11:53:13 -0500
From: Mark <mark@msen.com>
User-Agent: Mozilla/5.0 (Windows NT 5.2; WOW64;
	rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: freebsd-questions@freebsd.org, Postfix users <postfix-users@postfix.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Received-SPF: Pass (sender authenticated); receiver=msen.com;
	client-ip=99.170.102.4; envelope-from=<mark@msen.com>
Received-SPF: Pass (sender authenticated); receiver=msen.com;
	client-ip=99.170.102.4; helo=[192.168.2.14]
Cc: 
Subject: SSL/TLS suddenly stopped working for postfix
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Dec 2011 16:53:24 -0000

My apologies for the cross-posting but I believe it is relevant.

     I have been running postfix for 8+ months without problems.  
Recently ( a week or two) I had a user complain that he could no longer 
send.  It appears that postfix is no longer accepting SSL/TLS 
connections.  STARTTLS is working on port 587 (and possibly 25, still 
testing)  I am trying to figure out why the change.

     If I try and open an openssl connection manually, this is what I get:

openssl s_client -connect mail.myServer.net:587
CONNECTED(00000003)
44829:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown 
protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:478:

     I recently installed a webmail client , roundcube.  Not sure if 
that could affect anything.

Any help is greatly appreciated.  I know I should send main.cf and 
master.cf but I have to filter out the proprietary info first...

Mark Moellering