[exim] SMTP protocol violation: synchronization error (input…

Top Page
Delete this message
Reply to this message
Author: eL gino
Date:  
To: exim-users
Subject: [exim] SMTP protocol violation: synchronization error (input sent without waiting for greeting)
Hello List,

I have installed a "Exim based E-Mail Server" with SMTP-AUTH in SSL/TLS mode
only, this works fine with all my MUA's (Outlook Express, Thunderbird,
etc.).
... but if i try a ssl connection from localhost with the command:

# openssl s_client -starttls smtp -host localhost -port 25
or
# openssl s_client -connect localhost:25

i get the error this error on the shell:

CONNECTED(00000003)
56194:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:4
75:

in the rejectlogfile i get this:
SMTP protocol violation: synchronization error (input sent without waiting
for greeting): rejected connection from H=localhost [127.0.0.1]

OS: FreeBSD 4.8 (i know it's old :-)
Exim: exim-4.42+27

some config options:
@general:

hostlist hosts_require_auth = *
hostlist hosts_require_tls = *
hostlist auth_over_tls_hosts = *
tls_advertise_hosts = *
tls_certificate = /usr/local/etc/exim/exim.cert
tls_privatekey = /usr/local/etc/exim/exim.key
#auth_advertise_hosts = *
auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}}

@ACL:

check_auth:
    accept hosts = *
    accept encrypted = *
    accept condition = ${if eq{${uc:$smtp_command_argument}}\
                        {CRAM-MD5}{yes}{no}}
    deny   message   = 503 Use of TLS required


@authentication
it's only a line not at fixed_cram,plain_login or fixed_login

server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}

i hope this is valid and not evil :-)

thanks and bye

Christian Neuhaus, Austria, Vienna

PS: sorry for my MUA, the name and the spelling :)
PPS: if i start Exim in debugmode (exim -bd -d -q15m) i get this output:

56142 >>>>>>>>>>>>>>>> Exim pid=56142 terminating with rc=0 >>>>>>>>>>>>>>>>
55938 Connection request from 127.0.0.1 port 3067
55938 search_tidyup called
56154 sender_fullhost = [127.0.0.1]
55938 1 SMTP accept process running
56154 sender_rcvhost = [127.0.0.1]
55938 Listening...
56154 Process 56154 is handling incoming connection from [127.0.0.1]
56154 host in host_lookup? yes (matched "*")
56154 looking up host name for 127.0.0.1
56154 DNS lookup of 1.0.0.127.in-addr.arpa (PTR) succeeded
56154 IP address lookup yielded localhost
56154 gethostbyname2 looked up these IP addresses:
56154 name=localhost address=::1
56154 name=localhost address=127.0.0.1
56154 checking addresses for localhost
56154 ::1
56154 127.0.0.1 OK
56154 sender_fullhost = localhost [127.0.0.1]
56154 sender_rcvhost = localhost ([127.0.0.1])
56154 set_process_info: 56154 handling incoming connection from localhost
[127.0.0.1]
56154 host in host_reject_connection? no (option unset)
56154 host in sender_unqualified_hosts? no (option unset)
56154 host in recipient_unqualified_hosts? no (option unset)
56154 host in helo_verify_hosts? no (option unset)
56154 host in helo_try_verify_hosts? no (option unset)
56154 host in helo_accept_junk_hosts? no (option unset)
56154 LOG: MAIN REJECT
56154 SMTP protocol violation: synchronization error (input sent without
waiting for greeting): rejected connection from H=localhost [127.0.0.1]
56154 SMTP>> 554 SMTP synchronization error
56154 search_tidyup called
55938 child 56154 ended: status=0x0
55938 0 SMTP accept processes now running
55938 Listening...