Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Viktor Dukhovni (postfix-usersdukhovni.org)
Date: Thu May 09 2013 - 02:46:45 CDT
On Wed, May 08, 2013 at 11:49:53PM +0000, Viktor Dukhovni wrote:
> While the problem Ralf reported looks similar, tests against the
> server he reported fail to discover any support for session reuse,
> so either one has to be very lucky to re-use a session (possible
> with forking servers without a shared cache) or Ralf ran into a
> slightly different problem.
Indeed "luck" (aka perseverance) is all it takes. Given enough
sessions the MTA in Ralf's report finally accepts the session id,
and then breaks in the same way (zero length finished message).
This server also sets session tickets.
The server's greeting banner purports to be Postfix, which if true,
and not front-ended by some sort of SSL-terminating firewall, or
load-balancer, ... means that the server-side bug is in some version
Any information on the server's O/S, OpenSSL and Postfix version
and whether the Postfix TLS session cache database is enabled would
be most helpful.