[BlueOnyx:18077] Re: Sendmail TLS problem
Michael Stauber
mstauber at blueonyx.it
Wed Jul 22 17:16:20 -05 2015
Hi Carl,
>> #> openssl s_client -connect 199.175.188.52:25 -tls1 -cipher EDH
>> -starttls smtp -msg
>
> That does not work from here - I get:
>
> didn't found starttls in server response, try anyway...
Weird. Works for me. Both from Ubuntu 14.04 and CentOS 6 or 7.
> What do you see with
>
> telnet 199.175.188.52 25
> EHLO your.fqdn
>
> Do they advertise starttls? Not for me:
Trying 199.175.188.52...
Connected to 199.175.188.52.
Escape character is '^]'.
220 mta2.XXXXX.com ESMTP
ehlo smd.net
250-mta2.XXXXX.com
250-8BITMIME
250-SIZE 209715200
250-AUTH PLAIN LOGIN
250 AUTH=PLAIN LOGIN
help
214-The following commands are recognized
214- auth data ehlo helo
214- help mail noop quit
214 rcpt rset vrfy
Nope. No starttls there.
For comparison a 5209R:
[root at cobalt4 ~]# telnet 5209r.smd.net 25
Trying 38.114.102.16...
Connected to 5209r.smd.net.
Escape character is '^]'.
220 5209r.smd.net ESMTP Sendmail Ready; Wed, 22 Jul 2015 17:13:44 -0500
help
214-2.0.0 This is sendmail
214-2.0.0 Topics:
214-2.0.0 HELO EHLO MAIL RCPT DATA
214-2.0.0 RSET NOOP QUIT HELP VRFY
214-2.0.0 EXPN VERB ETRN DSN AUTH
214-2.0.0 STARTTLS
I never debug TLS with telnet, though. I rather use openssl s_client for
that, as it tells me a lot more about the things I want to know. Such as
ciphers & protocols.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list