Re: [exim] exim.org still incorrectly configured

Góra strony
Delete this message
Reply to this message
Autor: Adam D. Barratt
Data:  
Dla: exim-users
Temat: Re: [exim] exim.org still incorrectly configured
On Sat, 2021-10-16 at 17:22 +0200, Heiko Schlittermann via Exim-users
wrote:
> Slavko via Exim-users <exim-users@???> (Sa 16 Okt 2021 11:14:45
> CEST):
> > I am not sure if it is related to migration, but recently i start
> > to see
> > something as this in my exim log:
> >
> >     TLS error on connection from hh.schlittermann.de
> > [213.128.132.49]
> >     (gnutls_handshake): A disallowed SNI server name has been
> > received.

> >
> > The recent one was today at 2021-10-16 01:51:16.
>
> While it is related to the migration, it seems to be a side effect of
> mitigating (hotmail/live/outlook)'s blacklist for the IP the "new
> exim site" is using now. We're sending the mails via a server that
> has better reputation at MS.
>
> This hh.schlittermann.de runs the latest Exim, and probaby sends you
> an SNI your server for some reason doesn't accept?


FWIW, I've also seen two of these, at 23:53:41UTC yesterday and
11:08:41UTC today. The server in question is running Debian's 4.92-
8+deb10u6 exim4-daemon-heavy package and has "tls_sni" set in the log
selector.

The log entries for the second failed connection are:

2021-10-16 11:08:40 SMTP connection from [213.128.132.49] (TCP/IP connection count = 1)
2021-10-16 11:08:41 TLS error on connection from hh.schlittermann.de [213.128.132.49] (gnutls_handshake): A disallowed SNI server name has been received.
2021-10-16 11:08:41 SMTP connection from hh.schlittermann.de [213.128.132.49] closed by EOF
2021-10-16 11:08:41 no MAIL in SMTP connection from hh.schlittermann.de [213.128.132.49] D=0s C=EHLO,STARTTLS

The same server has received 21 successful connections from
hh.schlittermann.de in the past couple of days.

Regards,

Adam