TLS connection established from unknown

From: Alexander Grüner (agruenergmx.de)
Date: Tue Nov 21 2006 - 07:38:08 CST


Hi :-)

I have Postfix (postfix-2.1.5-3.4) on SuSE Linux 9.2, with this in main.cf:

smtpd_use_tls = yes
smtp_use_tls = yes
smtpd_tls_key_file = /etc/postfix/certs/private.pem
smtpd_tls_cert_file = /etc/postfix/certs/public.pem
smtpd_tls_CAfile = /opt/kde3/share/apps/kssl/ca-bundle.crt
smtp_tls_CAfile = /opt/kde3/share/apps/kssl/ca-bundle.crt
smtpd_tls_loglevel = 2
smtp_tls_loglevel = 2
smtpd_tls_received_header = yes
smtp_tls_note_starttls_offer = yes

I have a public certificate from German Telesec. Everything seems to
work fine.

I would expect that a certificate for an IP address should not be
valid. But looking at /var/log/mail shows that there is a "TLS
connection established from unknown":

Nov 21 12:25:08 ns3 postfix/smtpd[23590]: connect from unknown[89.185.225.2]
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: setting up TLS connection from
unknown[89.185.225.2]
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:before/accept
initialization
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:error in SSLv2/v3
read client hello A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:error in SSLv3 read
client hello B
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:error in SSLv3 read
client hello B
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 read client
hello B
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 write server
hello A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 write
certificate A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 write server
done A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 flush data
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:error in SSLv3 read
client certificate A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:error in SSLv3 read
client certificate A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 read client
key exchange A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:error in SSLv3 read
certificate verify A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 read finished A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 write change
cipher spec A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 write finished A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 flush data
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: TLS connection established
from unknown[89.185.225.2]: TLSv1 with cipher AES256-SHA (256/256 bits)
Nov 21 12:25:08 ns3 postgrey[5363]: request age 1934
Nov 21 12:25:08 ns3 postgrey[5363]: whitelisted: unknown
Nov 21 12:25:08 ns3 postgrey[5363]: delayed 1934 seconds:
client=89.185.225.2, from=katharinafineholiday.cc, to=userdomain.de
Nov 21 12:25:08 ns3 postgrey[5363]: request: client_address=89.185.225.2
client_name=unknown helo_name=fineholiday.cc instance=5c26.4562e214.0
protocol_name=ESMTP protocol_state=RCPT queue_id=
recipient=userdomain.de request=smtpd_access_policy sasl_method=
sasl_sender= sasl_username= sender=katharinafineholiday.cc size=6262
action=PREPEND X-Greylist: delayed 1934 seconds by postgrey-1.24 at ns3;
Tue, 21 Nov 2006 12:25:08 CET
Nov 21 12:25:09 ns3 postfix/smtpd[23590]: 134552B153:
client=unknown[89.185.225.2]
Nov 21 12:25:09 ns3 postfix/qmgr[23406]: 134552B153:
from=<katharinafineholiday.cc>, size=5598, nrcpt=1 (queue active)
Nov 21 12:25:09 ns3 amavis[23583]: (23583-04) ESMTP::10024
/var/spool/amavis/tmp/amavis-20061121T122352-23583:
<katharinafineholiday.cc> -> <userdomain.de> Received: SIZE=5598 from
mx3.domain.de ([xxx.xxx.xxx.xxx]) by localhost (ns3 [127.0.0.1])
(amavisd-new, port 10024) with ESMTP id 23583-04 for <userdomain.de>;
Tue, 21 Nov 2006 12:25:09 +0100 (CET)
Nov 21 12:25:09 ns3 amavis[23583]: (23583-04) Checking:
<katharinafineholiday.cc> -> <userdomain.de>
Nov 21 12:25:09 ns3 clamd[16476]:
/var/spool/amavis/tmp/amavis-20061121T122352-23583/parts/p001: OK
Nov 21 12:25:09 ns3 postfix/smtpd[23590]: disconnect from
unknown[89.185.225.2]

Do I have a config error? Or is it possible that this SSL/TLS was right?
My postfix is just an MX to bypass all the mails to and from a Lotus
system. No pop/imap/local etc...

Regards,
Alexander
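
Added example, not part of the original post: a small Python parser for smtpd log lines in the format quoted above. For each session it reports the client name and address the TLS handshake was logged for, and which certificate messages the server side wrote. SAMPLE is constructed from lines in the post; the function names are this example's own, and the "write certificate request" state name is an assumption about how OpenSSL words that state.

```python
import re

# Constructed sample: a subset of the log lines quoted in the post, with the
# mail client's line wrapping kept so the unwrapping step has work to do.
SAMPLE = """\
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: connect from unknown[89.185.225.2]
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: SSL_accept:SSLv3 write
certificate A
Nov 21 12:25:08 ns3 postfix/smtpd[23590]: TLS connection established
from unknown[89.185.225.2]: TLSv1 with cipher AES256-SHA (256/256 bits)
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d ")
SMTPD = re.compile(r"postfix/smtpd\[(\d+)\]: (.*)$")
CONNECT = re.compile(r"^connect from (\S+)\[([^\]]+)\]")
TLS_UP = re.compile(r"^TLS connection established from \S+\[[^\]]+\]: "
                    r"(\S+) with cipher (\S+) \((\d+)/\d+ bits\)")

def unwrap(text):
    """Rejoin continuation lines (no syslog timestamp) onto the previous record."""
    records = []
    for line in text.splitlines():
        if STAMP.match(line) or not records:
            records.append(line.rstrip())
        elif line.strip():
            records[-1] += " " + line.strip()
    return records

def tls_sessions(text):
    """Return one summary dict per smtpd session that completed a TLS handshake."""
    open_sessions, done = {}, []
    for m in filter(None, map(SMTPD.search, unwrap(text))):
        pid, msg = m.groups()
        if (c := CONNECT.match(msg)):
            open_sessions[pid] = {"pid": pid, "client_name": c[1], "client_ip": c[2],
                                  "server_cert_sent": False, "client_cert_requested": False}
        s = open_sessions.get(pid)
        if s is None:
            continue
        # Assumed OpenSSL wording for the state in which a server asks for a client cert.
        if msg.startswith("SSL_accept:SSLv3 write certificate request"):
            s["client_cert_requested"] = True
        elif msg.startswith("SSL_accept:SSLv3 write certificate "):
            s["server_cert_sent"] = True
        elif (t := TLS_UP.match(msg)):
            s.update(protocol=t[1], cipher=t[2], bits=int(t[3]))
            done.append(s)
    return done
```
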