Re: Postfix + AUTH/TLS + Outlook/OE problem
- From: "Vlad GALU" <vladgalu@xxxxxxxxx>
- Date: Mon, 21 Aug 2006 10:57:07 +0300
On 8/19/06, Adrian Gonzalez <adrianbsd@xxxxxxxxxxxx> wrote:
Hi Darren
Comments below...
Darren Pilgrim wrote:
> Adrian Gonzalez wrote:
> > Hello
> >
> > I'm seeing some very strange behavior with Outlook 2003 and Outlook
> > Express trying to send mail using TLS/SMTP Auth with Postfix 2.3 and
> > FreeBSD 6.1-STABLE
> >
> > It seems like Outlook/OE don't like the SSL handshake for some
> > reason. They connect to the server, issue STARTTLS, and disconnect
> > during the handshake, giving an "Error Number: 0x800CCC0B". I've
> > tried both STARTTLS and using 'wrapper mode' on port 465 with the
> > same results.
>
Don't you have any antiviral software running on the Win32 box by
any chance ? There are cases (such as with Avast) when the STARTTLS
doesn't succeed due to the software's connection monitoring module
refusing to let it pass due to encryption.
> Which version of Outlook Express were you using? Outlook Express 6
> doesn't support STARTTLS, only wrapper-mode. OE6 also also has a broken
> SASL implementation (set broken_sasl_auth_clients=yes). Yay for Microsoft!
Outlook Express 6 (6.00.2900.2180 according to the 'about' window). Basically,
the one that comes with Windows XP Pro + All current updates/service packs. It
does seem to be trying STARTTLS though. I did have the broken_sasl_auth_clients
option enabled, I believe it just causes postfix to 'advertise' AUTH in the
usual way along with outlook's broken way.
> Have you modified your cipher settings in postfix? FYR, Outlook XP/2003
> and Outlook Express 6 prefer 128-bit RC4-MD5 and do not support AES,
> whereas Thunderbird supports and prefers AES256-SHA.
I suspect OE might not like what the server is offering, but I'm not qute sure
what to change. The postfix manual strongly advises against excluding ciphers.
Any suggestions?
> On my own mail server, I can send email using all four clients through
> STARTTLS+SASL (Outlook and Thunderbird) or SMTPS+SASL (OE). The server
> is FreeBSD RELENG_6_1 with the stock OpenSSL and postfix 2.3.1 with
> default tls_*_cipherlist settings.
I'm using 2.3.0,1 with the updated stable OpenSSL. I'll try updating my ports
tree and rebuilding the latest stable postfix and see what happens.
> Be happy to compare configs off-list, postconf -n and the like.
Thanks!
>
> P.S. You may want to retry this question on postfix-users. You'll have
> better luck if you're willing to wade through the usual "ditch MS" rude
> commentary.
>
> P.P.S. Please configure your mail client to wrap lines.
I normally do, but the postfix logs looked really bad with wrapping :)
_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"
--
If it's there, and you can see it, it's real.
If it's not there, and you can see it, it's virtual.
If it's there, and you can't see it, it's transparent.
If it's not there, and you can't see it, you erased it.
_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"
- References:
- Postfix + AUTH/TLS + Outlook/OE problem
- From: Adrian Gonzalez
- Re: Postfix + AUTH/TLS + Outlook/OE problem
- From: Darren Pilgrim
- Re: Postfix + AUTH/TLS + Outlook/OE problem
- From: Adrian Gonzalez
- Postfix + AUTH/TLS + Outlook/OE problem
- Prev by Date: Re: Postfix + AUTH/TLS + Outlook/OE problem
- Next by Date: Mail System Error - Undeliverable Mail
- Previous by thread: Re: Postfix + AUTH/TLS + Outlook/OE problem
- Next by thread: Re: Postfix + AUTH/TLS + Outlook/OE problem
- Index(es):
Relevant Pages
|
|
