Hi Stephan,
at a guess I would say that there is no overlap between supported TLS
protool versions and ciphers
available on the client vs the server.
if your system is using a recent version of an Os and you are trying
to relay to an older legacy system,
ideally ask the older system to uprade / enable higher ciphers....
or you can be more permissive on your tls configuration...
I hope this is helpful
On Wed, 6 Apr 2022 at 23:32, Stephan Mending <list@md5collisions.eu> wrote:
>
> Hi *,
> I've noticed on my mail relays, that tls handshake with one certain email relay keep failing. I was wondering what the
> reason for that may be.
>
> Following error from postfix:
>
> connect from mout.web.de[ IP ]:44003
> SSL_accept error from mout.web.de[ IP ]:44003: -1
> warning: TLS library problem: error:1404A42E:SSL routines:ST_ACCEPT:tlsv1 alert protocol version:/usr/src/lib/libssl/tls13_lib.c:150:
> lost connection after STARTTLS from mout.web.de
>
> Can anybody with more knowledge of libressl and it's error messages tell by this error what is wrong?
>
> Best regards,
> Stephan
>
--
Kindest regards,
Tom Smyth.
No comments:
Post a Comment