SASL Auth not working SMTP with STARTTLS/SSL
Scott Ellentuch
tuctboh at gmail.com
Wed Sep 23 14:28:36 EDT 2020
Hi,
Thanks for replying. I don't know if I should laugh or cry, I've found the
issue......
So I didn't use the -starttls because I was going directly to port 465 of
the SMTP server (Sendmail, Postfix and Stunnel). Each time, if I used
telnet to get to port 25 and test and was fine. As soon as I used openssl
things went south. I could do it on 465, I could do it on 25 with the
"-starttls smtp" , etc... and it always failed.
So it wasn't until I got onto a CentOS 8 system that when I tried, it
actually closed with an error message "RENEGOTIATING SSL
routines:SSL_renegotiate:wrong ssl version:ssl/ssl_lib.c". I googled and
actually found
https://noknow.info/it/postfix/solved_ssl_routines_renegotiate . Its
apparently a "FEATURE" that if any of your input starts with "R", it'll
renegotiate, and apparently "Q" quits. When I finally added "-silent" onto
the command line, things worked everywhere.
Sorry for spamming.... It's amazing I couldn't find this info sooner. My
system is up/running fine on the original setup with the old software.
Thanks all for the time!
Tuc
On Wed, Sep 23, 2020 at 2:18 PM Quanah Gibson-Mount <quanah at symas.com>
wrote:
>
>
> --On Wednesday, September 23, 2020 12:42 PM -0400 Scott Ellentuch
> <tuctboh at gmail.com> wrote:
>
> >
> > Hi,
>
> What is your exact openssl s_client command?
>
> I.e., <http://www.postfix.org/SASL_README.html#server_test>, you didn't
> list that you used -starttls smtp as an option in your original email.
>
> Regards,
> Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20200923/dc0e838d/attachment.html>
More information about the Cyrus-sasl
mailing list