
Re: [Erlug] relay from sendmail to exchange over tls

To: ERlug - Lista Pubblica <erlug@xxxxxxxxxxxxxx>
Subject: Re: [Erlug] relay from sendmail to exchange over tls
From: vito pascali <vito.pascali@xxxxxxxxx>
Date: Mon, 25 Jul 2011 18:29:06 +0200


On 25 July 2011 18:18, Davide Brini <db72@xxxxxxxxxxxx> wrote:
On Mon, 25 Jul 2011 17:39:42 +0200, vito pascali <vito.pascali@xxxxxxxxx>
wrote:

> Obviously the mail arrived in a flash...
> Do you have any advice, RTFMs, or saints I should pray to?  :)

If I understand correctly, there is quite a difference between the two
things you are doing. The first connection starts in plaintext and then you
issue STARTTLS, while the second is SSL right from the start. See

http://en.wikipedia.org/wiki/SMTPS

and somehow it doesn't surprise me that an Exchange server prefers the
second...

I see,
but from the sendmail log it would seem that it does try to talk SSL anyway after sending the HELO, so just as it works/manages to talk SSL with Google, it should work over SSL with Exchange.

Jul 25 18:23:08  sendmail[9733]: STARTTLS=client, init=1
Jul 25 18:23:08  sendmail[9733]: STARTTLS: x509 cert verify: depth=0 /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/OU=Microsoft Online/CN=*.mail.emea.microsoftonline.com, state=0, reason=unable to get certificate CRL
Jul 25 18:23:08  sendmail[9733]: STARTTLS: x509 cert verify: depth=1 /DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority, state=0, reason=unable to get certificate CRL
Jul 25 18:23:08  sendmail[9733]: STARTTLS: x509 cert verify: depth=2 /CN=Microsoft Internet Authority, state=0, reason=unable to get certificate CRL
Jul 25 18:23:08  sendmail[9733]: STARTTLS: x509 cert verify: depth=3 /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root, state=0, reason=unable to get certificate CRL
Jul 25 18:23:08  sendmail[9733]: STARTTLS=client, info: fds=9/8, err=2
Jul 25 18:23:08  sendmail[9733]: STARTTLS=client, get_verify: 0 get_peer: 0x9e397c0
Jul 25 18:23:08  sendmail[9733]: STARTTLS=client, relay=smtp.emea.microsoftonline.com, version=TLSv1/SSLv3, verify=OK, cipher=RC4-MD5, bits=128/128
Jul 25 18:23:08  sendmail[9733]: STARTTLS=client, cert-subject=/C=US/ST=Washington/L=Redmond/O=Microsoft+20Corporation/OU=Microsoft+20Online/CN=*.mail.emea.microsoftonline.com, cert-issuer=/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft+20Secure+20Server+20Authority, verifymsg=ok
Jul 25 18:23:08  sendmail[9733]: STARTTLS=read, info: fds=9/8, err=2
Jul 25 18:23:08  sendmail[9733]: AUTH=client, relay=smtp.emea.microsoftonline.com, mech=, bits=0
Jul 25 18:23:08  sendmail[9733]: STARTTLS=read, info: fds=9/8, err=2

But it seems that for some reason it doesn't like the authentication:

Jul 25 18:23:13  sendmail[9733]: p6PGN8V8009733: to=email@xxxxxxxxxxxxxxxx, ctladdr=root (0/0), delay=00:00:05, xdelay=00:00:05, mailer=relay, pri=30019, relay=smtp.emea.microsoftonline.com [213.199.187.153], dsn=5.0.0, stat=Service unavailable

Giving a nice:
Diagnostic-Code: SMTP; 530 5.7.1 Client was not authenticated

I wouldn't know how to force sendmail to do an immediate STARTTLS on the relay..

Vito
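
Added example, not part of the original message: a Python sketch that reads the three decisive sendmail log lines quoted above and reports, per sendmail process, the TLS result, the AUTH mechanism field and the delivery status. The function names are hypothetical, and reading an empty `mech=` as "no SASL mechanism was used" is an assumption about sendmail's log format.

```python
import re

# Log lines copied from the message above.
SAMPLE_LOG = """\
Jul 25 18:23:08  sendmail[9733]: STARTTLS=client, relay=smtp.emea.microsoftonline.com, version=TLSv1/SSLv3, verify=OK, cipher=RC4-MD5, bits=128/128
Jul 25 18:23:08  sendmail[9733]: AUTH=client, relay=smtp.emea.microsoftonline.com, mech=, bits=0
Jul 25 18:23:13  sendmail[9733]: p6PGN8V8009733: to=email@xxxxxxxxxxxxxxxx, ctladdr=root (0/0), delay=00:00:05, xdelay=00:00:05, mailer=relay, pri=30019, relay=smtp.emea.microsoftonline.com [213.199.187.153], dsn=5.0.0, stat=Service unavailable
"""

PID = re.compile(r"sendmail\[(\d+)\]: (.*)$")
KV = re.compile(r"(\w[\w-]*)=([^,]*)")


def fields(text):
    """Split sendmail's 'k=v, k=v' log text into a dict (values stripped)."""
    return {k: v.strip() for k, v in KV.findall(text)}


def summarize(log):
    """Group lines by sendmail PID and record TLS, AUTH and delivery state."""
    sessions = {}
    for line in log.splitlines():
        m = PID.search(line)
        if not m:
            continue
        s = sessions.setdefault(
            m.group(1), {"tls": None, "auth_mech": None, "dsn": None, "stat": None})
        f = fields(m.group(2))
        if f.get("STARTTLS") == "client" and "cipher" in f:
            s["tls"] = {"verify": f["verify"], "cipher": f["cipher"]}
        elif f.get("AUTH") == "client":
            s["auth_mech"] = f.get("mech", "")
        elif "dsn" in f:
            s["dsn"], s["stat"] = f["dsn"], f["stat"]
    return sessions


def findings(s):
    """Turn one session summary into human-readable observations."""
    out = []
    if s["tls"] and s["auth_mech"] == "":
        out.append("TLS negotiated but AUTH line shows no mechanism")
    if s["tls"] and "RC4" in s["tls"]["cipher"]:
        out.append("weak cipher negotiated: " + s["tls"]["cipher"])
    if s["dsn"] and s["dsn"].startswith("5."):
        out.append("permanent failure dsn=%s (%s)" % (s["dsn"], s["stat"]))
    return out
```

Calling `findings(summarize(SAMPLE_LOG)["9733"])` returns three observations for the session in the log: the empty AUTH mechanism after a successful TLS handshake, the RC4-MD5 cipher, and the 5.0.0 delivery failure.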

