I'm running Courier 0.45.6 on Solaris 9. I was investigating a problem
sending mail out from home through my work server using port 465, thus
talking to "esmtpd-ssl" on the work/Courier side.

What I found was that "esmtpd-ssl" was getting told that my sending
address was in SORBS as a dynamic address. But instead of reporting
it via "syslog" like "courieresmtpd" does:

    Jul 27 12:44:27 courieratwork courieresmtpd: [ID 702911 mail.error]
    error,relay=::ffff:218.63.92.101,from=<aml...@anbgg.www-mailserver.com>,
    to=<ear...@isolar.dyndns.org>: 511 Dynamic IP Address See:
    http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=218.63.92.101

I get nothing in the logs, and "couriertls" gets fired up instead.
"couriertls" accesses my server certificate, sleeps a bit, and then
emits

    DEBUG: Unexpected SSL connection shutdown.

and goes back to sleep in poll().

The invocation is

    11161 ? S 0:00 /opt/courier/sbin/couriertcpd
    -stderrlogger=/opt/courier/sbin/courierlogger
    -stderrloggername=esmtpd-ssl -maxprocs=40 -maxperip=5 -maxperc=5
    -pid=/opt/courier/var/tmp/esmtpd-ssl.pid
    -stderrlogger=/opt/courier/sbin/courierlogger -user=daemon -group=mail
    -block=dnsbl.sorbs.net,BLOCK -access=/opt/courier/etc/smtpaccess.dat
    -address=0 465 /opt/courier/bin/couriertls -server -tcpd
    /opt/courier/sbin/courieresmtpd
    /opt/courier/libexec/courier/modules/esmtp/authstart authdaemon

Is there something I should be doing to get the SORBS rejection message
logged to syslog when it's running as esmtpd-ssl on port 465?

Also, I noticed that .../etc/esmtpd-msa{,.dist} has

    ##NAME: BLACKLISTS: 0
    #
    # You probably want to turn off any blacklist checking, if you have it
    # enabled in esmtpd
    BLACKLISTS=""

Surely "esmtpd-ssl{,.dist}" should have this setting as well?

Also, on a related note, if I set "TLS_PROTOCOL" to "TLS1" in
"esmtpd-ssl", when Entourage clients connect, it generates the
following error:

    Jul 26 14:59:05 courieratwork esmtpd-ssl: [ID 702911 mail.info]
    couriertls:
    connect: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
    number

Is this Entourage brain-damage? (If it's set to "SSLv3" instead, mail
successfully goes through, even though Entourage still bitches about
something else.)

Thanks,
- Greg