Добрый день.
Вопрос первый:
Получил отлуп при отправке письма в Ваш лист рассылки:
Failed to deliver to 'CGatePro@mx.ru'
LIST module(list CGatePro@mx.ru) reports:
Your message cannot be posted.
It is composed using the 'utf-8' character set,
and this list accepts KOI8-R only
это с его вдруг ?
И второй впрос про работу TLS в CGP:
При отправке почты из CGP (бета 7) на postfix (2.1.3)
получаю вот такую запись в лог:
21:01:46.00 5 SMTP-00088() started
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) processing
21:01:46.00 4 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) resolving
'mailrelay-reg1.inside.mts.ru:587'
21:01:46.00 4 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) connecting to
[192.168.26.1]
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp: 220
mailrelay-reg1.inside.mts.ru ESMTP
21:01:46.00 4 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) connected to
mailrelay-reg1.inside.mts.ru:587 [192.168.26.1:587], ESMTP
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) out: EHLO
cgp.mts.ru\r\n
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp:
250-mailrelay-reg1.inside.mts.ru
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp:
250-PIPELINING
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp: 250-SIZE
16777216
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp: 250-VRFY
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp: 250-ETRN
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp: 250-STARTTLS
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp: 250 8BITMIME
21:01:46.00 4 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) Connected. SIZE
TLS
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) out: STARTTLS\r\n
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) inp: 220 Ready to
start TLS
21:01:46.00 4 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) TLS handshake:
sending 'client Hello'
21:01:46.00 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) TLS out 22: (53)
01 00 00 31 03 00 40 3D 66 FA 30 30 30 30 11 11 68 63 DC FA 5E 40 AC E0 16
E7 11 11 1B 16 DC F8 C8 B1 66 91 41 41 00 00 0A 00 0A 00 06 00 05 00 04 00
03 01 00
21:01:46.01 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) TLS inp 22: (74)
02 00 00 46 03 00 40 F5 66 FA AD 5B 25 FC 13 16 4A 0B A0 4B DA 2C 41 04 03
7D 88 4C E3 86 45 76 CA 3A 14 0F 03 ED 20 AA 46 40 A8 15 46 9C 64 49 C4 FF
F0 A5 F3 3E 34 85 17 1E AD 90 91 37 FB 56 FD BD D9 5D 68 89 C4 00 0A 00
21:01:46.01 4 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) TLSv0 server
hello: method=DES3_SHA, residual=1
21:01:46.01 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) TLS inp 22:
(2015) 0B 00 07 DB 00 07 D8 00 04 3A 30 82 04 36 30 82 03 9F A0 03 02 01 02
02 11 00 CA 08 1F A6 13 FB 59 9E B9 EF 6A D6 58 BE 3A 2E 30 0D 06 09 2A 86
48 86 F7 0D 01 01 05 05 00 30 6F 31 13 30 11 06 0A 09 92 26 89 93 F2 2C 64
01
21:01:46.01 4 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) certificate
received: mailrelay-reg1.inside.mts.ru
21:01:46.22 5 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) TLS out 21: (2)
02 0A
21:01:46.22 3 SMTP-00088(mailrelay-reg1.inside.mts.ru:587) failed to
establish a secure connection with [192.168.26.1:587]. Error Code=the
certificate 'Subject' name does not match the addressed server name
21:01:46.22 4 SMTP(mailrelay-reg1.inside.mts.ru:587) re-enqueue
В логаз постфикса:
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info] connect
from mail.inside.mts.ru[10.0.16.1]
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info] setting
up TLS connection from mail.inside.mts.ru[10.0.16.1]
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:before/accept initialization
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:error in SSLv2/v3 read client hello A
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:error in SSLv3 read client hello B
Jul 14 21:04:06 melita last message repeated 1 time
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:SSLv3 read client hello B
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:SSLv3 write server hello A
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:SSLv3 write certificate A
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:SSLv3 write certificate request A
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:SSLv3 flush data
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:error in SSLv3 read client certificate A
Jul 14 21:04:06 melita last message repeated 1 time
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info] SSL3
alert read:fatal:unexpected_message
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept:failed in SSLv3 read client certificate A
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
SSL_accept error from mail.inside.mts.ru[10.0.16.1]: 0
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
17329:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected
message:s3_pkt.c:1052:SSL alert number 10:
Jul 14 21:04:06 melita postfix/smtpd[17329]: [ID 197553 mail.info]
disconnect from mail.inside.mts.ru[10.0.16.1]
Есть какие-нибудт идеи с чем это связанно ?
В ЦГП настройки:
router: komi.mts.ru = komi.mts.ru@mailrelay-reg1.inside.mts.ru.587.smtp
SMTP ->Send Encrypted (SSL/TLS): mailrelay-reg1.inside.mts.ru:587
Сертификаты выписанны одной и той же CA - между postfix <-> sendmail все
ходит нормально:
Received: from simona.komi.mts.ru (unknown [10.50.8.1])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(Client CN "simona.komi.mts.ru", Issuer "SSL Server CA" (verified OK))
by mailserver-reg1.inside.mts.ru (Postfix) with ESMTP id D5A33EE0C
for <nomad@mts.ru>; Wed, 14 Jul 2004 18:53:02 +0400 (MSD)
Received: from mailserver-reg1.inside.mts.ru ([192.168.26.3])
by simona.komi.mts.ru (MTS Komi/Smtp) with ESMTP id i6EEqx8m058940
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
for <test@komi.mts.ru>; Wed, 14 Jul 2004 18:53:00 +0400 (MSD)
Причем доже ИЗ postfix в CGP все ходит "нормальо":
Jul 14 21:12:02 melita postfix/smtp[17337]: [ID 197553 mail.info]
SSL_connect:SSLv3 read finished A
Jul 14 21:12:02 melita postfix/smtp[17337]: [ID 197553 mail.info] Verified:
subject_CN=mail.inside.mts.ru, issuer=SSL Server CA
Jul 14 21:12:02 melita postfix/smtp[17337]: [ID 197553 mail.info] TLS
connection established to 10.0.16.1: TLSv1 with cipher DES-CBC3-SHA (168/168
bits)
Jul 14 21:12:02 melita postfix/smtp[17337]: [ID 197553 mail.info] 445FFEE0C:
to=<nomad@mts.ru>, relay=10.0.16.1[10.0.16.1], delay=1, status=sent (250
470009 message accepted for delivery)
Jul 14 21:12:02 melita postfix/qmgr[17327]: [ID 197553 mail.info] 445FFEE0C:
removed
Получено Wed Jul 14 17:21:43 2004