Andrew C Aitchison <andrew@???> (Mi 05 Jul 2017 16:54:30 CEST): > On Wed, 5 Jul 2017, admin@??? wrote:
I reformatted the entry to match the original long lines:
> 2017-07-05 14:47:13 [19866] 1dSji4-0005AQ-GR <= hs@??? H=(blade.schlittermann.de) [10.10.11.134] I=[84.19.194.3]:587 P=esmtpsa X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no A=plain:heiko@??? S=1500 id=20170705124710.kxr4t27kzqvnllhu@??? T="testing"
> 2017-07-05 14:47:19 [19877] 1dSji4-0005AQ-GR [88.198.159.50] SSL verify error: certificate name mismatch: DN="/CN=smtp.netwichtig.de" H="mx00.hj-systems.de"
> 2017-07-05 14:47:24 [19877] 1dSji4-0005AQ-GR SMTP error from remote mail server after end of data: 451-Rejected due to site policy reasons. Contact postmaster in case of\n451 problems.
> 2017-07-05 14:47:24 [19877] 1dSji4-0005AQ-GR H=mx01.hj-systems.de [2a01:4f8:130:63e3::2] Connection refused
> 2017-07-05 14:47:29 [19877] 1dSji4-0005AQ-GR [213.133.111.59] SSL verify error: certificate name mismatch: DN="/CN=smtp.netwichtig.de" H="mx01.hj-systems.de"
> 2017-07-05 14:47:32 [19875] 1dSji4-0005AQ-GR => alfred@??? F=<hs@???> R=dnslookup T=smtp S=2049 H=mx01.hj-systems.de
> [213.133.111.59] I=[84.19.194.3] X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no DN="/CN=smtp.netwichtig.de" C="250 OK id=1dSjiM-0004uQ-BC" QT=20s DT=7s
> 2017-07-05 14:47:32 [19875] 1dSji4-0005AQ-GR Completed QT=20s
> The 14:47:24 entries are a multi-line log, but they do show the 4xx error
> 451-Rejected due to site policy reasons
> reported by mx01.hj-systems.de
Where is the strong indication that we got "451-Reje…" from mx01.hj-systems.de?
We can *assume* it, as the TLS traces are talking about that host, and
as we see the rejected IPv6 connection. But there is nothing that proves
the connection attempt to mx01.hj-systems.de