[BlueOnyx:17864] Re: TLS Error - fact finding tour
Michael Stauber
mstauber at blueonyx.it
Sat Jun 20 11:58:20 -05 2015
Hi Richard,
> Oh dear. I'm still getting loads of these. I presume if there is an issue it
> should send them unencrypted? Any further thoughts?
No idea. I looked at some of them:
> Jun 18 08:27:06 smtp sendmail[21830]: ruleset=tls_server, arg1=SOFTWARE,
> relay=smtp-in.iomartmail.com, reject=403 4.7.0 TLS handshake failed.
> Jun 18 08:27:06 smtp sendmail[21830]: STARTTLS=client, error: connect
> failed=-1, SSL_error=1, errno=0, retry=-1
That domain is trying to send you mails from various different aliases.
I did an NMAP run against them to see what ciphers they support, but
none of these domains responds to the NMAP polls.
Then take this one for example:
> Jun 18 08:27:08 smtp sendmail[21830]: ruleset=tls_server,
> arg1=SOFTWARE, relay=mxcluster-01.customer.mailwall.com,
> reject=403 4.7.0 TLS handshake failed.
That ought to work as they use ciphers that we support:
nmap --script ssl-enum-ciphers -p 465
mxcluster-01.customer.mailwall.com|grep TLS_RSA_WITH_RC4_128
| TLS_RSA_WITH_RC4_128_MD5 - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| TLS_RSA_WITH_RC4_128_MD5 - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
I guess there will always be a few that fall through the crack.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list