SASL Auth not working SMTP with STARTTLS/SSL
Scott Ellentuch
tuctboh at gmail.com
Wed Sep 23 11:42:26 EDT 2020
Hi,
This is getting curiouser and curiouser. I decided to outsmart things, and
put a stunnel infront of SMTP listening on 465, talking to 25. Genius, huh?
Yea, not totally.
So I configured it to forward 465 to 25, started my openssl s_client
and..... EXACT SAME ISSUES!!! What the bloody heck!? I even changed out the
LetsEncrypt cert for a ZeroSSL one, same issue.
I'm running libssl.so.1.0.2k with Amazon patches.
Not sure where to go at this point..
Tuc
On Tue, Sep 22, 2020 at 9:39 PM Scott Ellentuch <tuctboh at gmail.com> wrote:
> Hi,
>
> Thanks for the reply. These were the versions available on the OS I was
> using (Amazon Linux 1).
>
> I decided to move over to CentOS 7, postfix 2.10. dovecot-2.2.36 and cyrus-sasl-lib-2.1.26
> . I realize this isn't the absolute latest of everything, but again, the
> closest I could get with RPMs right now.
>
> And, exactly the same behaviour. 25/587 is fine. 25+STARTTLS/465 either
> RENEGOTIATES SSL or immediately says DONE
>
> I also spun up Centos 8 which gave me postfix-3.3.1, dovecot-2.3.8 and
> cyrus-sasl-lib-2.1.27.
>
> And, exactly the same behaviour. 25/587 is fine. 25+STARTTLS/465 either
> RENEGOTIATES SSL or immediately says DONE
>
> I really need to get this going, any thoughts?
>
> Tnx, Tuc
>
>
> On Tue, Sep 22, 2020 at 12:12 AM Quanah Gibson-Mount <quanah at symas.com>
> wrote:
>
>>
>>
>> --On Monday, September 21, 2020 2:40 PM -0400 Scott Ellentuch
>> <tuctboh at gmail.com> wrote:
>>
>> > I'm using sendmail 8.14.4 and Sasl 2.1.23 . Config info
>>
>> Cyrus-SASL 2.1.23 released on 4/27/2009, over 11 years ago.
>>
>> You may want to see if the behavior your describing is addressed by any
>> of
>> the years of fixes since then as noted in
>> <https://raw.githubusercontent.com/cyrusimap/cyrus-sasl/master/ChangeLog>
>>
>> Regards,
>> Quanah
>>
>> --
>>
>> Quanah Gibson-Mount
>> Product Architect
>> Symas Corporation
>> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
>> <http://www.symas.com>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20200923/e736e0b2/attachment.html>
More information about the Cyrus-sasl
mailing list