[exim] Problem with iPhone and Exim

Author: Luca Bertoncello
Date:  
To: Users, Exim
Subject: [exim] Problem with iPhone and Exim
Hi list!

I have a server with Exim 4.89 (I tried with another server with Exim
4.92.3, too. Same problem!).
It works with all clients, but not with iPhones...

I configured it to listen on port 465 as SMTPs. If I set this port on the
iPhone, it waits, and waits, and waits...
But no SMTP command is sent.
No log in exim mainlog.

I'm sure the problem is on my server, since I tried giving it the Google
server, and it works on port 465.

I tried with openssl s_server to my server and to Google, and I see a
difference:

My server:

No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 5703 bytes and written 302 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
     Protocol  : TLSv1.2
     Cipher    : ECDHE-RSA-AES256-GCM-SHA384
     Session-ID: 603CBA528012D65A8F5844C9C6A7E2842276E9C900AA8826C22C0848B81EF148
     Session-ID-ctx:
     Master-Key: 2FFBFB191CF401A3341387F054F869681687722AF2692BB9B7D8CBFA47C7C99DB5C28FC1F718801CCCDCE55DB87584B0
     PSK identity: None
     PSK identity hint: None
     SRP username: None
     Start Time: 1582633588
     Timeout   : 7200 (sec)
     Verify return code: 0 (ok)
     Extended master secret: yes
---


Google:

No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3211 bytes and written 261 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
     Protocol  : TLSv1.2
     Cipher    : ECDHE-RSA-CHACHA20-POLY1305
     Session-ID: 2197F157612DF755D31A0925303815FE1D7666E7CF2BFCC329E0D4976E9DEB61
     Session-ID-ctx:
     Master-Key: 161DF97FFE5513F987DE79792C263E406863411894EE9CEF2B8D184CDA24AE039A4AA155CD1C87E0472FD9C1B07C2E44
     PSK identity: None
     PSK identity hint: None
     SRP username: None
     TLS session ticket lifetime hint: 100800 (seconds)
     TLS session ticket:
     Start Time: 1582632814
     Timeout   : 7200 (sec)
     Verify return code: 0 (ok)
     Extended master secret: yes


You see, on my server there's no "TLS session ticket"...
Could someone explain to me what I am doing wrong?

Thanks a lot
Luca Bertoncello
(lucabert@???)