Re: [exim] TLS issue with Exim 4.84?

Top Page
Delete this message
Reply to this message
Author: Joachim Boerner
Date:  
To: bijuan
CC: exim-users, Exim-users
Subject: Re: [exim] TLS issue with Exim 4.84?
You can use services like http://checktls.com/perl/TestSender.pl to test
your SSL settings. This error:
550 Access denied - Invalid HELO name
indicates that you haven't set the PRIMARY_HOST_NAME to your actual
fully qualified host name mail.rajagiritech.ac.in. And your domain name
rajagiritech.ac.in doesn't have a mx-entry.

On 2016-07-22 15:35, bijuan@??? wrote:
> Dear All,
>
> I am running Exim4 4.84.2-1 on Debian Jessie. I was getting error while
> sending mails to certain domains, but mails were going to domains like
> gmail, yahoo etc. Then I installed a self certified certificate and a
> SSL
> certificate and enabled TLS, assuming issue was with TLS. Still the
> following errors are appearing when sending mails to certain domains.
>
> ++++++++++++ Log Start ++++++++++++++++++++++++++
> 2016-07-22 08:01:25 1bQQEs-0003xA-1d TLS error on connection to
> xx.xxx.com
> [148.251.254.194] (recv): The TLS connection was non-properly
> terminated.
> 2016-07-22 08:01:25 1bQQEs-0003xA-1d TLS error on connection to
> xx.xxx.com
> [148.251.254.194] (send): The specified session has been invalidated
> for
> some reason.
> 2016-07-22 08:01:25 1bQQEs-0003xA-1d ** xx@??? R=dnslookup
> T=remote_smtp X=TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128
> DN="CN=xx.xxx.com,EMAIL=x@???": SMTP error from remote mail
> server
> after MAIL FROM:<bijuan@???> SIZE=8160: host xx.xxx.com
> [x.y.z.194]: 550 Access denied - Invalid HELO name (See RFC2821
> 4.1.1.1)
> ++++++++++++ Log End ++++++++++++++++++++++++++
>
> I also have this log:
> ++++++++++++ Log Start ++++++++++++++++++++++++++
> mail:/etc/exim4# swaks -a -tls -q HELO -s mail.rajagiritech.ac.in -au
> bijuan -ap '<>'
> === Trying mail.rajagiritech.ac.in:25...
> === Connected to mail.rajagiritech.ac.in.
> <- 220 mail ESMTP Exim 4.84_2 Fri, 22 Jul 2016 19:03:35 +0530
> -> EHLO mail.rajagiritech.ac.in
> <- 250-mail Hello mail.rajagiritech.ac.in [192.168.0.241]
> <- 250-SIZE 52428800
> <- 250-8BITMIME
> <- 250-PIPELINING
> <- 250-STARTTLS
> <- 250 HELP
> -> STARTTLS
> <- 220 TLS go ahead
> === TLS started with cipher TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256
> === TLS no local certificate set
> === TLS peer DN="/C=IN/O=rset/CN=mail.rajagiritech.ac.in"
> ~> EHLO mail.rajagiritech.ac.in
> <~ 250-mail Hello mail.rajagiritech.ac.in [192.168.0.241]
> <~ 250-SIZE 52428800
> <~ 250-8BITMIME
> <~ 250-PIPELINING
> <~ 250 HELP
> ~> QUIT
> <~ 221 mail closing connection
> === Connection closed with remote host.
> ++++++++++++ Log End ++++++++++++++++++++++++++
>
> Because of this, mails are not going to certain domains.
>
> Can anyone tell me what is the issue and how to solve this?
>
> Regards,
> Biju.