Hey DM,

I'm tracking an SMTP problem, which I'm not sure when it started.

Whenever SBBS is sending outbound mail (I have an SMARTHOST that I use for all app sending mail out) - I've started noticing this from SBBS:

In Sendmail:
Sep 16 14:58:26 d-1-1 sendmail[792]: STARTTLS=server, error: accept failed=-1, reason=sslv3 alert handshake failure, SSL_error=1, errno=0, retry=-1, relay=d-1-2.ipv4.leenooks.vpn [10.1.3.12]
Sep 16 14:58:26 d-1-1 sendmail[792]: x8G4wQ6S000792: d-1-2.ipv4.leenooks.vpn [10.1.3.12] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4
Sep 16 14:58:26 d-1-1 sendmail[793]: x8G4wQAj000793: from=<deon.george@bbs.REDACTED>, size=558, class=0, nrcpts=1, msgid=<5D7F166D.721@bbs.leenooks.net>, proto=ESMTP, daemon=MTA-v4, relay=d-1-2.ipv4.leenooks.

In SBBS:
9/16 14:58:26 mail 0059 SEND/TLS/TLS [mail.leenooks.vpn] WARNING 'Invalid server key agreement parameters' (-32) setting session active
9/16 14:58:26 mail 0059 SEND connecting to port 25 on mail.leenooks.vpn [10.1.3.11]
9/16 14:58:26 mail 0059 SEND message transfer complete (74 bytes, 4 lines)

I've checked and my host is happily sending and receiving mail from the greater internet, so I'm thinking this is localised to SBBS.

I have no specific SSL certs in use - so sendmail created them when it started: IE: openssl s_client -starttls smtp -crlf -connect 10.1.3.11:smtp shows: subject=/O=Sendmail/OU=Sendmail Server/CN=ebcd69a837d7/emailAddress=admin@ebcd69a837d7
issuer=/O=Sendmail/OU=Sendmail Server/CN=ebcd69a837d7/emailAddress=admin@ebcd69a837d7

Some ideas to what the problem might be?
...ëîå*

... Don't drink and park; accidents cause people.

---
þ Synchronet þ Alterant | an SBBS in Docker on Pi!

Re: SMTP reason=sslv3 alert handshake failure, SSL_error=1
By: Alterego to Digital Man on Mon Sep 16 2019 03:14 pm

Hey DM,

I'm tracking an SMTP problem, which I'm not sure when it started.

Whenever SBBS is sending outbound mail (I have an SMARTHOST that I use for all app sending mail out) - I've started noticing this from SBBS:

In Sendmail:
Sep 16 14:58:26 d-1-1 sendmail[792]: STARTTLS=server, error: accept failed=-1, reason=sslv3 alert handshake failure, SSL_error=1, errno=0, retry=-1, relay=d-1-2.ipv4.leenooks.vpn [10.1.3.12]
Sep 16 14:58:26 d-1-1 sendmail[792]: x8G4wQ6S000792: d-1-2.ipv4.leenooks.vpn [10.1.3.12] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4 Sep 16 14:58:26 d-1-1 sendmail[793]: x8G4wQAj000793: from=<deon.george@bbs.REDACTED>, size=558, class=0, nrcpts=1, msgid=<5D7F166D.721@bbs.leenooks.net>, proto=ESMTP, daemon=MTA-v4, relay=d-1-2.ipv4.leenooks.

In SBBS:
9/16 14:58:26 mail 0059 SEND/TLS/TLS [mail.leenooks.vpn] WARNING 'Invalid server key agreement parameters' (-32) setting session active
9/16 14:58:26 mail 0059 SEND connecting to port 25 on mail.leenooks.vpn [10.1.3.11]
9/16 14:58:26 mail 0059 SEND message transfer complete (74 bytes, 4 lines)

I've checked and my host is happily sending and receiving mail from the greater internet, so I'm thinking this is localised to SBBS.

I have no specific SSL certs in use - so sendmail created them when it started: IE: openssl s_client -starttls smtp -crlf -connect 10.1.3.11:smtp shows: subject=/O=Sendmail/OU=Sendmail Server/CN=ebcd69a837d7/emailAddress=admin@ebcd69a837d7 issuer=/O=Sendmail/OU=Sendmail Server/CN=ebcd69a837d7/emailAddress=admin@ebcd69a837d7

Some ideas to what the problem might be?

No immediate ideas. Deuce at irc.synchro.net may know (he added the TLS support).

digital man

Synchronet "Real Fact" #86:
Stephen and Rob have a fledgling podcast at http://techdorks.net (also iTunes). Norco, CA WX: 69.7øF, 70.0% humidity, 0 mph SE wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net