[tor-relays] Problem with sendmail on relay
teor
teor2345 at gmail.com
Wed Nov 23 08:06:18 UTC 2016
> On 23 Nov. 2016, at 18:25, Berta Gieselbusch <berta at gieselbusch.de> wrote:
>
> Good morning,
>
>
> I've setup my first relay. Until now everything seems to be working
> fine, but I keep getting mails from logcheck I don't know how to deal with.
>
> The reported errors are:
>
> "sm-mta[15148]: STARTTLS=client, relay=smtpin.rzone.de.,
> version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384,
> bits=256/256".
Hi Berta,
This mail you just sent came from:
Received: from mo6-p00-ob.smtp.rzone.de (mo6-p00-ob.smtp.rzone.de
[IPv6:2a01:238:20a:202:5300::8])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "*.smtp.rzone.de", Issuer "TeleSec ServerPass DE-2" (not verified))
Do you forward mail from your relay to an account on the same email
provider? (Do you forward to the same email address you sent this
mail from?)
If so, then it looks like your email provider has its TLS misconfigured.
(It looks to me like they don't return any certificates at all.)
Here are the certificates in question:
https://www.telesec.de/en/serverpass-en/support/download-area/category/74-telesec-serverpass-de-2
It appears that compatibility with sendmail is not a priority:
https://www.telesec.de/en/serverpass-en/support/root-compatibility
Or perhaps TLS is misconfigured on your sendmail instance.
Or there's some kind of certificate chain error, where your server does
not believe the root certificate that signed the smtp.rzone.de
certificate.
In any case, it's nothing to do with Tor.
T
--
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------
More information about the tor-relays
mailing list