<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
<html><head><meta name="qrichtext" content="1" /><style type="text/css">
p, li { white-space: pre-wrap; }
</style></head><body style=" font-family:'DejaVu Sans'; font-size:9pt; font-weight:400; font-style:normal;">
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Am Donnerstag, 16. September 2021, 16:59:07 CEST schrieb Ralph Meyer:</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> >> > Sep 16 15:13:20 mx postfix/submission/smtpd[11588]: warning: TLS</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> >> > library</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> >> > problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> >> > number:../ ssl/record/ssl3_record.c:331</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> >> </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> >> die Clients versuchen SSLv3, was du verbietest ?</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> >> </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> >> > smtp_tls_protocols = !SSLv2, !SSLv3</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > Habe ich korrigiert in</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> > smtp_tls_protocols = SSLv2, SSLv3</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> Glaub ich hab mich verkuckt. smtp_tls_protocols ist glaube für das Senden.</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> Jetzt sprichst du anscheinend nur noch SSLv2 und 3, was so ziemlich alle</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> deaktiviert haben dürften. Also dort wieder !SSLv2, !SSLv3.</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> Schau mal bei smtpd_tls......</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">> Ich hab leider keine Doku zur Hand. Wer weiß es ohne nachlesen zu müssen ?</p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"> </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;">Geht mir genauso. Da habe ich </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><span style=" font-family:'monospace';"><br /></span><span style=" font-family:'monospace'; color:#af5f00; background-color:#ffffff;">smtpd_tls_security_level</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> = </span><span style=" font-family:'monospace'; color:#18b2b2; background-color:#b2b2b2;">may</span><span style=" font-family:'monospace'; color:#000000; background-color:#b2b2b2;"> </span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> </span><span style=" font-family:'monospace';"><br /></span><span style=" font-family:'monospace'; color:#af5f00; background-color:#b2b2b2;">smtpd_tls_auth_only</span><span style=" font-family:'monospace'; color:#000000; background-color:#b2b2b2;"> = </span><span style=" font-family:'monospace'; color:#b21818; background-color:#b2b2b2;">yes</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> </span><span style=" font-family:'monospace';"><br /></span><span style=" font-family:'monospace'; color:#af5f00; background-color:#ffffff;">smtpd_tls_ciphers</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> = </span><span style=" font-family:'monospace'; color:#18b2b2; background-color:#ffffff;">medium</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> </span><span style=" font-family:'monospace';"><br /></span><span style=" font-family:'monospace'; color:#af5f00; background-color:#ffffff;">smtpd_tls_mandatory_protocols</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> = !SSLv3 </span><span style=" font-family:'monospace';"><br /></span><span style=" font-family:'monospace'; color:#af5f00; background-color:#ffffff;">smtpd_tls_protocols</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> = SSLv3 </span><span style=" font-family:'monospace';"><br /></span><span style=" font-family:'monospace'; color:#af5f00; background-color:#ffffff;">smtpd_tls_mandatory_ciphers</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> = </span><span style=" font-family:'monospace'; color:#18b2b2; background-color:#ffffff;">high</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> </span><span style=" font-family:'monospace';"><br /></span><span style=" font-family:'monospace'; color:#af5f00; background-color:#ffffff;">smtpd_tls_exclude_ciphers</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> = ECDHE-RSA-RC4-SHA, RC4, aNULL </span><span style=" font-family:'monospace';"><br /></span><span style=" font-family:'monospace'; color:#af5f00; background-color:#ffffff;">smtpd_tls_mandatory_exclude_ciphers</span><span style=" font-family:'monospace'; color:#000000; background-color:#ffffff;"> = ECDHE-RSA-RC4-SHA, RC4, aNULL</span><span style=" font-family:'monospace';"><br /></span></p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><span style=" font-family:'monospace';">Aber wie gesagt, das hatte bisher prima funktioniert.</span></p>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; "> </p>
<p style=" margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><span style=" font-family:'monospace';">Andreas</span></p></body></html>