From nobody Fri Oct 20 15:11:56 2023 X-Original-To: doc@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SBp306nVyz4xt4v for ; Fri, 20 Oct 2023 15:11:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SBp3051SJz4r8M for ; Fri, 20 Oct 2023 15:11:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697814716; a=rsa-sha256; cv=none; b=qgmjVPlRHst9IedhNDpPjJ6FAE9eN4j3rtDtPK1eL9B0e0Q9dauXOzLUbLcQmBYqiLCJbf oXODA7nTahqHgTSIcMifPmikzK47xj9uJNesKs/3UPycGZheF+fvA/dH25flW6wxRukTAM z6jL/p16A/kYjEMQ3ZLBEdoDz94UX/I0dl2Eh4uGzS4X73gBBHAWOSB+d5SKEtvh9roQKh dmFnsEAXovBh12yFl2P2Zvc8Rq/MHfHXFMQenigMGfUm3unsPXVa+TnXo26/eVVPhPoFYY QAP61sLpyEZQUUgFVe8r9VQpgY1TtSxiMrbMu92MUSNkgRsG5oz6dGmLlqxIEw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1697814716; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=JBwENT79YSeyyZEfLd6IE0A/7/FkiR7G+/BtH4Ip3pU=; b=Dep6+zHBmcZtLEafEXpPR+wKf/L9xKx8S+GRmvB8QseZPoA+02nt0wInITukVhbW9gGX07 hU2tNTTCZ4gDk2Rfh7AqSGPPhQyR6WCwz0Ol2aDo+5EsQRLibPMjWi5XFeh4STZ1g4ruTC LdSJWvJpvLhajSUT/mAcyzdHUY+6B6seK+YlVhKYIlpbE+H8cAExdXi+HdS14m7zpkR9DI Wjm0WNFT780DHf3wo/RxWv6oxbJqN15Bb3LrPiT/23gbz5JOYVRHXwEDVRNyVyALI3p4on Bd2NZhhQrqWiCp2YSTMUc8qO6YM3dNcceWVUz7vRDGmaX2SB/1o3ISJKk8OCKA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SBp3045FNzd0j for ; Fri, 20 Oct 2023 15:11:56 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 39KFBuE7070047 for ; Fri, 20 Oct 2023 15:11:56 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 39KFBudi070020 for doc@FreeBSD.org; Fri, 20 Oct 2023 15:11:56 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: doc@FreeBSD.org Subject: [Bug 274609] Committers Guide: SMTP configuration incomplete/lack of details Date: Fri, 20 Oct 2023 15:11:56 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Documentation X-Bugzilla-Component: Website X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: michaelo@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: doc@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Documentation project List-Archive: https://lists.freebsd.org/archives/freebsd-doc List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-doc@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D274609 Bug ID: 274609 Summary: Committers Guide: SMTP configuration incomplete/lack of details Product: Documentation Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Website Assignee: doc@FreeBSD.org Reporter: michaelo@FreeBSD.org I started to set up my env at work for my FreeBSD cluster account. It turned out that STARTTLS is actively blocked by ZScaler which I need to figure out why: > PS C:\deps-x64\openssl-3.0.11> .\openssl.exe s_client -connect smtp.FreeB= SD.org:587 -starttls smtp -brief > write:errno=3D10060 Someone pointed me at work why I have not tried port 465 with TLS instead of in-SMTP STARTTLS: > PS C:\deps-x64\openssl-3.0.11> .\openssl.exe s_client -connect smtp.FreeB= SD.org:465 -brief > depth=3D2 C =3D US, O =3D Internet Security Research Group, CN =3D ISRG R= oot X1 > verify error:num=3D20:unable to get local issuer certificate > CONNECTION ESTABLISHED > Protocol version: TLSv1.3 > Ciphersuite: TLS_AES_256_GCM_SHA384 > Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed= 25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA= -PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:EC= DSA+SHA1:RSA+SHA224:RSA+SHA1 > Peer certificate: CN =3D smtp.freebsd.org > Hash used: SHA256 > Signature type: RSA-PSS > Verification error: unable to get local issuer certificate > Server Temp Key: X25519, 253 bits > 220 smtp.freebsd.org ESMTP Postfix > HELO sdf > 250 smtp.freebsd.org > ehlo sdf > 250-smtp.freebsd.org > 250-PIPELINING > 250-SIZE 10240000 > 250-VRFY > 250-ETRN > 250-AUTH PLAIN LOGIN > 250-ENHANCEDSTATUSCODES > 250-8BITMIME > 250-DSN > 250-SMTPUTF8 > 250 CHUNKING > QUIT > DONE and this work while the other one is not (verified with Wireshark). Please update the documentation that smtp.FreeBSD.org supports *both* START= TLS via 587 and TLS via 465. This might solve a similar issue for others as wel= l. --=20 You are receiving this mail because: You are the assignee for the bug.=