At 12:51 -0800 2003/02/15, Mark Edwards wrote:
[...]
>
>Well, what happens is I can connect either with STARTTLS or not to port 25,
>and everything is logged normally. I can connect normally to port 26 and it
>is logged, but if I try to use STARTTLS on any port other than 25, the
>connection times out and nothing ever gets logged.
>
>My conclusion is that a STARTTLS connection on a port other than 25 (I've
>also tried 587) isn't even making it to Exim. The real question is where is
>it failing? Is it failing at the client (doubtful, because I don't think
>the client would time-out, and I've tried on two different clients on two
>different OS's) or is the connection being intercepted somewhere before it
>gets to Exim?
>
>Has anyone seen a STARTTLS connection on a port other than 25 actually work?
>
It is making it to exim (how would it not?), only that you will not
see it in a normal log. It seems that "most" clients (I am basing this
on 1 (one) client... and all the failures reported) will consider
ports other than 25 for SSL, that is tls-on-connect. A tcpdump shows
garbage thrown at poor exim, and the connection lost as the SSL
session fails to establish. [test done on port 26 with Mail.app on
MacOSX]
Giuliano
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
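
The mismatch described in this message, as an added example that is not part of the original e-mail: a small Python classifier that looks at the first bytes a client sends to an SMTP listener and tells a TLS-on-connect hello (the "garbage" in the tcpdump) apart from a plaintext SMTP command that could be followed by STARTTLS. The function names and the sample payloads are assumptions constructed for illustration.

```python
import struct

SMTP_VERBS = {b"EHLO", b"HELO", b"STARTTLS", b"MAIL", b"RCPT", b"NOOP", b"RSET", b"QUIT"}

def classify_first_bytes(data: bytes) -> str:
    """Classify the first bytes a client sends to an SMTP listener."""
    if len(data) < 6:
        return "incomplete"
    # TLS record header: content type (1), version (2), length (2).
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if ctype == 0x16 and major == 0x03 and minor <= 0x04 and 0 < length <= 16384:
        # 0x16 = handshake record; its first message must be ClientHello (0x01).
        return "tls-on-connect" if data[5] == 0x01 else "unknown"
    # SSLv2-compatible hello: length with high bit set, message type 1,
    # then the offered version (0x0002 for SSLv2, 0x03xx for SSLv3/TLS).
    if data[0] & 0x80 and data[2] == 0x01 and data[3] in (0x00, 0x03):
        return "sslv2-on-connect"
    # Otherwise look for an SMTP verb at the start of the line.
    verb = data.split(b" ", 1)[0].split(b"\r", 1)[0].upper()
    return "smtp-plaintext" if verb in SMTP_VERBS else "unknown"

def diagnose(data: bytes) -> str:
    """Explain what a listener expecting plaintext SMTP + STARTTLS is seeing."""
    kind = classify_first_bytes(data)
    if kind in ("tls-on-connect", "sslv2-on-connect"):
        return "mismatch: client opened with a TLS/SSL hello before any SMTP command"
    if kind == "smtp-plaintext":
        return "ok: client is speaking SMTP and can issue STARTTLS"
    return "undetermined: " + kind

# Constructed sample payloads (not taken from a real capture).
SAMPLES = {
    "tls-hello": b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b\x03\x01",
    "sslv2-hello": b"\x80\x2e\x01\x03\x01\x00\x15\x00\x00\x00\x10",
    "smtp-ehlo": b"EHLO client.example\r\n",
    "truncated": b"\x16\x03",
}

if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        print(f"{name:12} {diagnose(payload)}")
```

Feed it the first client payload bytes of a connection from a packet capture of the affected port.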