Mailinglist Archive: opensuse (769 mails)

< Previous Next >
Re: [opensuse] Off-Topic: sending details (in)securely via email
On 2016-05-29 20:35, Carlos E. R. wrote:
On 2016-05-29 20:12, Daniel Bauer wrote:

The SMTP server uses "Untrusted TLS" according
to postfix. Some time ago I looked and they were using a private
certificate, using the example certificate form of the software, not
even filling their own data. I haven't looked recently:

To verify the certificate I have to increase log verbosity.

Well, they changed that:

<2.6> 2016-05-29 20:35:12 Telcontar postfix 16816 - -
smtp.telefonica.net[86.109.99.70]:25: certificate verification depth=0 verify=0
subject=/C=ES/ST=MADRID/L=MADRID/O=Movistar/OU=Sistemas de
Informacion/CN=smtp.movistar.es
<2.6> 2016-05-29 20:35:12 Telcontar postfix 16816 - - message repeated 2
times: [ smtp.telefonica.net[86.109.99.70]:25: certificate verification depth=0
verify=0 subject=/C=ES/ST=MADRID/L=MADRID/O=Movistar/OU=Sistemas de
Informacion/CN=smtp.movistar.es]
...
<2.6> 2016-05-29 20:35:12 Telcontar postfix 16816 - -
smtp.telefonica.net[86.109.99.70]:25: subject_CN=smtp.movistar.es,
issuer_CN=Symantec Class 3 Secure Server CA - G4, fingerprint
22:6F:23:53:3E:7E:4B:E8:DF:4D:7C:9A:B7:0A:95:54,
pkey_fingerprint=31:4F:CA:EB:09:5A:B1:AC:D7:D5:3E:02:3B:52:1E:A1
<2.6> 2016-05-29 20:35:12 Telcontar postfix 16816 - - Untrusted TLS connection
established to smtp.telefonica.net[86.109.99.70]:25: TLSv1 with cipher RC4-SHA
(128/128 bits)

It appears to be a certificate from Symantec, dunno why untrusted.


This is what they had some time ago:

<2.6> 2012-06-18 00:48:17 Telcontar postfix 21900 - - certificate verification
failed for smtp.telefonica.net[213.4.149.228]:25: untrusted issuer /C=US/O
=RTFM, Inc./OU=Widgets Division/CN=Test CA20010517
<2.6> 2012-06-18 00:48:17 Telcontar postfix 21900 - - Untrusted TLS connection
established to smtp.telefonica.net[213.4.149.228]:25: TLSv1 with cipher DH
E-RSA-AES256-SHA (256/256 bits)


Do you see the "RTFM" in there? LOL.

--
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 "Bottle" at Telcontar)

< Previous Next >