Hi,

I've just switched to courier-mta from exim. I'm running Debian Lenny.

Anyways I am having trouble sending messages to an exchange server.

This is what courier sends me: <quote> DELAYS IN DELIVERING YOUR MESSAGE

The delivery of the following E-mail message has been delayed. [snip] This is an advisory notice for the following addresses only:

<xx...@XXX.com>: XXX.com [xxx.xxx.xxx.xxx]: <<< Broken pipe </unquote>

syslog and mail.log show: Nov 6 06:25:20 psqtech01 courierd: started,id=some_long_string,from=<bij...@psq.com>,module=esmtp,host=XXX.com,addr=<xx...@XXX.com> Nov 6 06:25:20 psqtech01 courierd: Waiting. shutdown time=none, wakeup time=Fri Nov 6 06:29:36 2009, queuedelivering=8, inprogress=2 Nov 6 06:25:20 psqtech01 courieresmtp: id=some_long_string,from=<bij...@psq.com>,addr=<xx...@XXX.com>: Connection reset by peer Nov 6 06:25:20 psqtech01 courieresmtp: id=some_long_string,from=<bij...@psq.com>,addr=<xx...@XXX.com>,status: deferred

I know that I can send mail to the domain through normal SMTP, but I think there is some trouble with using TLS. I say this because I have run some basic tests using telnet to connect to the server.

If I telnet to port 25, I can get: 220 XXX.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Fri, 6 Nov 2009 06:48:12 -0500 and I can do: EHLO psq.com 250-XXX.com Hello [xxx.xxx.xxx.xxx] 250-TURN 250-SIZE 1048576000 250-ETRN 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-BINARYMIME 250-CHUNKING 250-VRFY 250-TLS 250-STARTTLS 250 OK then i do: MAIL FROM: bij...@psq.com 250 2.1.0 bij...@psq.com....Sender OK RCPT TO: xx...@XXX.com 250 2.1.5 xx...@XXX.com then finally DATA 354 Start mail input; end with <CRLF>.<CRLF> and I can type in the message, I get 250 2.6.0 <long...@XXX.COM> Queued mail for delivery and then I'm done and I QUIT.

So I see that I can send mail to the domain normally.

However when I try to use openssl s_client to connect to the server. This is what happens: openssl s_client -crlf -starttls smtp -connect XXX.com:25 bunch of SSL info 250 OK then I do MAIL FROM: bij...@psq.com 250 2.1.0 bij...@psq.com....Sender OK RCPT TO: xx...@XXX.com RENEGOTIATING 19407:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

So now I don't know if I'm just missing some option to OpenSSL's s_client or if there's some bug with OpenSSL. Not knowing much about SSL, TLS, etc. It seems everything is good until it tries to renegotiate the connection and then OpenSSL dies.

I'm sure courier is using TLS because I've looked at the traffic between courier and exchange using tshark (a command-line packet capture tool). And I can see that courier is issuing the STARTTLS command: 0.022585 67.212.81.240 -> xxx.xxx.xxx.xxx SMTP C: EHLO imap.psq.com 0.033803 xxx.xxx.xxx.xxx -> 67.212.81.240 SMTP S: 250-XXX.com Hello [67.212.81.240] | 250-TURN | 250-SIZE 1048576000 | 250-ETRN | 250-PIPELINING | 250-DSN | 250-ENHANCEDSTATUSCODES | 250-BINARYMIME | 250-CHUNKING | 250-VRFY | 250-TLS | 250-STARTTLS | 250 OK 0.033873 67.212.81.240 -> xxx.xxx.xxx.xxx SMTP C: STARTTLS 0.045006 xxx.xxx.xxx.xxx -> 67.212.81.240 SMTP S: 220 2.0.0 SMTP server ready [encrypted data]

Anyways is there some easy way to fix this? Or this there some way to make courier fall back to just sending the mail without STARTTLS (if STARTTLS fails).

P.S. Sorry about the super long message, but I wanted to make sure I wasn't missing any information that could help pinpoint the problem.

Thanks in advance, Bijan

------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july