Relay=smtpin.rzone.de
Client CN is *.smtp.rzone.de
Maybe just a syntax error using smtpin instead of smtp?
On Nov 23, 2016 2:06 AM, "teor" teor2345@gmail.com wrote:
On 23 Nov. 2016, at 18:25, Berta Gieselbusch berta@gieselbusch.de
wrote:
Good morning,
I've setup my first relay. Until now everything seems to be working fine, but I keep getting mails from logcheck I don't know how to deal
with.
The reported errors are:
"sm-mta[15148]: STARTTLS=client, relay=smtpin.rzone.de., version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256".
Hi Berta,
This mail you just sent came from:
Received: from mo6-p00-ob.smtp.rzone.de (mo6-p00-ob.smtp.rzone.de [IPv6:2a01:238:20a:202:5300::8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.smtp.rzone.de", Issuer "TeleSec ServerPass DE-2" (not verified))
Do you forward mail from your relay to an account on the same email provider? (Do you forward to the same email address you sent this mail from?)
If so, then it looks like your email provider has its TLS misconfigured. (It looks to me like they don't return any certificates at all.)
Here are the certificates in question: https://www.telesec.de/en/serverpass-en/support/download-area/category/74- telesec-serverpass-de-2
It appears that compatibility with sendmail is not a priority: https://www.telesec.de/en/serverpass-en/support/root-compatibility
Or perhaps TLS is misconfigured on your sendmail instance.
Or there's some kind of certificate chain error, where your server does not believe the root certificate that signed the smtp.rzone.de certificate.
In any case, it's nothing to do with Tor.
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays