On Fri, Feb 2, 2024, at 6:44 PM, Herbert J. Skuhra wrote:
> On Sat, Feb 03, 2024 at 03:00:10AM +0300, Mark wrote:
>> Hi.
>>
>> It seems that the recent Postfix update under 7.4-amd64,
>> (package: postfix-3.8.20221007p12-sasl2-mysql) breaks TLS connections,
>> coming from Gmail servers, throwing a TLS library problem.
>>
>> Here's the log output;
>>
>> postfix/smtpd[32879]: connect from mail-yw1-f178.google.com[209.85.128.178]
>>
>> postfix/smtpd[7374]: Trusted TLS connection established from
>> mail-lf1-f45.google.com[209.85.167.45]: TLSv1.3
>> with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519
>> server-signature ECDSA (prime256v1) server-digest SHA256 client-signature
>> RSA-PSS (2048 bits) client-digest SHA256
>>
>> postfix/smtpd[7374]: warning: TLS library problem: error:0A000126:SSL
>> routines::unexpected eof while reading:ssl/record/rec_layer_s3.c:308:
>> postfix/smtpd[7374]: lost connection after STARTTLS from
>> mail-lf1-f45.google.com[209.85.167.45]
>> postfix/smtpd[7374]: disconnect from mail-lf1-f45.google.com[209.85.167.45]
>> ehlo=1 starttls=1 commands=2
>>
>> Before updating the package, I had postfix-3.8.20221007p11, and it had no
>> such problem.
>
> Why do you run such an outdated postfix snapshot?
That is the latest version that is supported/available in packages-stable:
https://cdn.openbsd.org/pub/OpenBSD/7.4/packages-stable/amd64/
Brian Conway
Owner
RCE Software, LLC
No comments:
Post a Comment