From: Steve Finkelstein (sf@stevefink.net)
Date: Sat Mar 01 2008 - 21:02:03 CST
Hi all,
This probably applies more to some OS/X forum, and if so, I sincerely
apologize. I just figured someone active in the Postfix community has
dealt with the same issue as I'm dealing with now. I'm running a
Postfix-based MTA, and enforce TLS over SMTP for authentication with
SASL. Works wonderfully with all MUAs including Thunderbird, etc. I'm
having a ton of trouble with Mail.app. For one odd reason or another,
it doesn't wish to deal with self-signed certificates. I'm going to be
purchasing a GoDaddy certificate shortly, but regardless, this is kind
of silly of Mail.app.
Here's what the SSL logs show:
Mar 1 21:52:41 catalyst postfix/smtpd[26513]: SSL_accept:SSLv3 flush data
Mar 1 21:52:41 catalyst postfix/smtpd[26513]: read from 080D6CF8 [080E0408] (5 bytes => -1 (0xFFFFFFFF))
Mar 1 21:52:41 catalyst postfix/smtpd[26513]: SSL_accept:error in SSLv3 read client certificate A
Mar 1 21:52:41 catalyst postfix/smtpd[26513]: SSL_accept error from ool-44c19145.dyn.optonline.net[68.193.145.69]: -1
Here are my TLS settings:
root@catalyst:/etc/postfix# postconf -n | grep -i tls
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_tls_CAfile = /etc/postfix/ca-bundle.crt
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 9
smtpd_tls_received_header = yes
smtpd_tls_req_ccert = no
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
Thanks for taking a look!
/sf
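
An added example, not part of the original post: a small Python parser that pairs each `SSL_accept error from` line in a Postfix smtpd log (written at a high `smtpd_tls_loglevel`) with the handshake state the same process reported just before it, so a failure like the one above can be tied to a specific handshake step and client. The function name and the embedded sample (the post's log lines, unwrapped) are constructed for illustration.

```python
import re

# Constructed sample input: the four log lines from the post, unwrapped.
SAMPLE_LOG = """\
Mar 1 21:52:41 catalyst postfix/smtpd[26513]: SSL_accept:SSLv3 flush data
Mar 1 21:52:41 catalyst postfix/smtpd[26513]: read from 080D6CF8 [080E0408] (5 bytes => -1 (0xFFFFFFFF))
Mar 1 21:52:41 catalyst postfix/smtpd[26513]: SSL_accept:error in SSLv3 read client certificate A
Mar 1 21:52:41 catalyst postfix/smtpd[26513]: SSL_accept error from ool-44c19145.dyn.optonline.net[68.193.145.69]: -1
"""

LINE = re.compile(r"postfix/smtpd\[(?P<pid>\d+)\]: (?P<msg>.*)$")
STATE = re.compile(r"^SSL_accept:(?P<err>error in )?(?P<state>.+)$")
FAIL = re.compile(r"^SSL_accept error from (?P<host>\S+?)\[(?P<ip>[^\]]+)\]: (?P<rc>-?\d+)$")

def handshake_failures(log_text):
    """Return one dict per failed server-side TLS handshake, keyed to its client."""
    last_ok, failed_in = {}, {}  # per smtpd pid: last completed state / state that errored
    failures = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not an smtpd line
        pid, msg = m.group("pid"), m.group("msg")
        f = FAIL.match(msg)
        if f:
            failures.append({
                "host": f.group("host"),
                "ip": f.group("ip"),
                "rc": int(f.group("rc")),
                "failed_in": failed_in.pop(pid, None),
                "last_ok": last_ok.pop(pid, None),
            })
            continue
        s = STATE.match(msg)
        if s and s.group("err"):
            failed_in[pid] = s.group("state")
        elif s:
            last_ok[pid] = s.group("state")
    return failures

if __name__ == "__main__":
    for failure in handshake_failures(SAMPLE_LOG):
        print(failure)
```

Tracking state per process ID keeps handshakes from concurrent smtpd processes from being mixed together when the log lines are interleaved.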