[SOLVED] OBSD, Postfix, TLS, Sasl
Its been a long time since I posted here but I need some fresh eyes to look at this issue Ive encountered. Im sure there is a simple solution, most likely a config error on my part but Im not entirely sure.
Ok, so on to the point. Im currently configuring an OBSD 5.1 box with postfix/SA/procmail, pretty standard stuff and that all works perfect, as expected.
I have sasl configured and authenticating just fine for smtp auth. Good so far.
Now, the issue. TLS. I cant get both sasl and TLS to work together happily. Last time I did this was on a 4.6 machine where it worked flawlessly.
I followed the same receipe I worked out. now the wierdness.
Without auth, I can successfully run the TLS connection/conversation. (thunderbird settings - no authentication, port 587)
connect from unknown[10.0.0.66] Oct 30 16:08:37 mail postfix/smtps/smtpd: Anonymous TLS connection established from unknown[10.0.0.66]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits) Oct 30 16:08:37 mail postfix/smtps/smtpd: 73BA9701C3E: client=unknown[10.0.0.66] Oct 30 16:08:37 mail postfix/cleanup: 73BA9701C3E: message-id=<508F6EE4.email@example.com> Oct 30 16:08:37 mail postfix/qmgr: 73BA9701C3E: from=<firstname.lastname@example.org>, size=50340, nrcpt=1 (queue active) Oct 30 16:08:37 mail postfix/smtps/smtpd: disconnect from unknown[10.0.0.66]
connect from unknown[10.0.0.66] Oct 30 16:08:20 mail postfix/smtps/smtpd: Anonymous TLS connection established from unknown[10.0.0.66]: SSLv3 with cipher DHE-RSA-AES256-SHA (256/256 bits) Oct 30 16:08:20 mail postfix/smtps/smtpd: warning: TLS library problem: 8919:error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:/usr/src/lib/libssl/ssl/../src/ssl/s3_pkt.c:1195:SSL alert number 42:
Im using dovecot for the imap/pop3 servers. Same deal, if I leave on default ports (143/110) it seems to use a TLS connection which doesnt make sense, or the logs are lying to me.
mail dovecot: imap-login: Login: user=<xxxxxx>, method=PLAIN, rip=10.0.0.66, lip=10.0.0.72, mpid=1787, TLS
mail dovecot: imap-login: Disconnected (no auth attempts): rip=10.0.0.66, lip=10.0.0.72, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42
I can post any config files you like, I havent yet as I didnt want to clutter this post to much.
If Ive done something completely stupid, please point it out haha.
Last edited by Dazhelpwiz; 31st October 2012 at 01:11 AM. Reason: more info, its late, been doing this all day..
|Thread||Thread Starter||Forum||Replies||Last Post|
|Mutt and SASL||divadgnol67||OpenBSD Packages and Ports||3||11th March 2011 04:48 PM|
|Problem with Postfix and Sasl auth||unixbsd||OpenBSD General||1||27th April 2009 03:26 AM|
|unable to install Postfix from ports on OBSD 4.3||Pollywog||OpenBSD Packages and Ports||25||22nd July 2008 03:32 AM|
|Postfix, SASL w/ LDAP||kronic||OpenBSD General||2||19th June 2008 06:49 AM|
|Working Configuration for Openbsd 4.0 - Postfix - SASL - TLS||roundkat||Guides||0||4th May 2008 05:38 PM|