Re: [exim] TLS question

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Heiko Schlittermann
Datum:  
To: exim-users
Betreff: Re: [exim] TLS question
Eric A. Boney <mailinglists@???> (Mi 03 Feb 2010 04:27:26 CET):
> > Show log, get better help. Please don't obfuscate anything.
> The relevant lines for this email are below.
>
> 2010-02-02 22:12:34 no host name found for IP address 192.168.1.1
> 2010-02-02 22:12:34 TLS recv error on connection from [192.168.1.1]: A TLS
> packet with unexpected length was received.
> 2010-02-02 22:12:34 TLS send error on connection from [192.168.1.1]: The
> specified session has been invalidated for some reason.


I'm guessing that your're connecting to a „tls_on_connect“ port (mostly
465 is used for that). This requires the immediate start of an SSL
handshake. (simulate this with „openssl s_client -connect <HOST:PORT>“)

Probably your application expects to use SMTP + TLS, thus first starting
clear text communication (EHLO, …) and than starting an explicit TLS
session (sending the STARTTLS command).

You can debug the several possibilities with swaks (running on your
client host) and using --tls and --port options.

The other option you're probably looking for is „tls_advertise_hosts“,
it is expanded and could contain any but your client host.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -