[exim-dev] [Bug 1407] New: cutthrough_delivery / cutthrough_…

Top Page

Reply to this message
Author: Mike Cardwell
Date:  
To: exim-dev
New-Topics: [exim-dev] [Bug 1407] cutthrough_delivery / hosts_require_tls conflict, [exim-dev] [Bug 1407] cutthrough_delivery / hosts_require_tls conflict, [exim-dev] [Bug 1407] cutthrough_delivery / hosts_require_tls conflict, [exim-dev] [Bug 1407] cutthrough_delivery / hosts_require_tls conflict, [exim-dev] [Bug 1407] cutthrough_delivery / hosts_require_tls conflict
Subject: [exim-dev] [Bug 1407] New: cutthrough_delivery / cutthrough_delivery conflict
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1407
           Summary: cutthrough_delivery / cutthrough_delivery conflict
           Product: Exim
           Version: 4.82
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: high
         Component: ACLs
        AssignedTo: jgh146exb@???
        ReportedBy: exim-users@???
                CC: exim-dev@???



In my remote_smtp transport I have:

hosts_require_tls = <; fc00:beef:beef:601:9530:2068:3df9:5cb7

I just added this to the top of my rcpt ACL:

warn control = cutthrough_delivery

Now I'm getting this in my mainlog whenever a message is delivered:

2013-10-30 12:16:18 a TLS session is required for hype.glue.grepular.com
[fc00:beef:beef:601:9530:2068:3df9:5cb7], but an attempt to star
+t TLS failed

The message *is* delivered using a TLS secured connection though:

2013-10-30 12:16:20 1VbUh8-0006Mc-Po => mike.cardwell@???
P=<mike@???> R=relay_remote T=remote_smtp S=758 H=hype.glue.gr
+epular.com [fc00:beef:beef:601:9530:2068:3df9:5cb7]:25
X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256 CV=no
+DN="/description=TN8sb87Rblzkc66S/C=GB/CN=glue.grepular.com/emailAddress=postmaster@???"
C="250 OK id=1VbUhz-0008Cg-3H"

I see no errors in the mainlog of the destination server
(glue), and a tcpdump shows that this is what happens during the
cut-through delivery attempt:

<= 220-glue.grepular.com ESMTP Exim 5.99 Wed, 30 Oct 2013 12:28:38 +0000
<= 220 BOOSH
=> EHLO flan.grepular.com
<= 250-SIZE 52428800
<= 250-8BITMIME
<= 250-ETRN
<= 250-PIPELINING
<= 250-STARTTLS
<= 250-PRDR
<= 250 HELP
=> QUIT
<= 221 glue.grepular.com closing connection

It connects, sends an EHLO, sends a QUIT, and then disconnects.

Here's my exim -bV:

Exim version 4.82_RC5 #2 built 27-Oct-2013 19:43:24
Copyright (c) University of Cambridge, 1995 - 2013
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2013
Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc OpenSSL
move_frozen_messages Content_Scanning DKIM Old_Demime Experimental_SPF
+Experimental_DCC Experimental_DMARC Experimental_OCSP Experimental_PRDR
Experimental_TPDA Experimental_Redis
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz
dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd
+pgsql sqlite
Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /etc/exim4/exim4.conf


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email