19.09.2018 23:36, Carlos E. R. пишет:
On 19/09/2018 16.10, Andrei Borzenkov wrote:
19.09.2018 22:47, Carlos E. R. пишет:
...
<2.6> 2018-09-19 21:30:13 Legolas postfix 11876 - - connect from localhost[::1]
<2.6> 2018-09-19 21:30:14 Legolas postfix 11876 - - 8DAC5E309C: client=localhost[::1]
<2.6> 2018-09-19 21:30:14 Legolas postfix 11879 - - 8DAC5E309C: message-id=<21341d87-6961-3985-fb3d-c792bd369ea1@gmx.es>
<2.6> 2018-09-19 21:30:14 Legolas postfix 11715 - - 8DAC5E309C: from=<robin.listas@gmx.es>, size=2146, nrcpt=1 (queue active)
<2.6> 2018-09-19 21:30:14 Legolas postfix 11876 - - disconnect from localhost[::1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
<2.6> 2018-09-19 21:30:15 Legolas postfix 11880 - - SSL_connect error to 127.0.0.1[127.0.0.1]:10024: -1
<2.4> 2018-09-19 21:30:15 Legolas postfix 11880 - - warning: TLS library problem: error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:252:
<2.6> 2018-09-19 21:30:15 Legolas postfix 11880 - - 8DAC5E309C: to=<opensuse@opensuse.org>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.49, delays=0.08/0.19/0.22/0, dsn=4.7.5, status=deferred (Cannot start TLS: handshake failure)
Well, you configured postfix SMTP client to use SMTPS which presumably also applies to internal connection. So you need to also enable SMTPS in server internally or configure postfix to use SMTPS only for outgoing relay.
"postfix SMTP client" is Thunderbird?
"postfix SMTP client" is exactly what it is - "postfix SMTP client". TB has no problems submitting mail to postfix because it talks to server, not client.
No, it is configured to use port 25.
I only told it to connect to [mail.gmx.es] using port 465, I did not tell it to change anything else.
Oh, really? So you did not set these options below?
Then the thing demanded I do:
smtp_tls_security_level = encrypt smtp_sasl_tls_security_options = noanonymous smtp_tls_wrappermode = yes
which I did,
So you did say that postfix must use explicit SSL when initiating SMTP connection, did not you?
then it complained about a library version problem:
SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:252:
Where the hell do you see *LIBRARY* version here? It says that it got wrong SSL version which is of course true because it did not get SSL reply in the first place.
This entry in the log "relay=127.0.0.1[127.0.0.1]:10024" is related to amavis. Amavis is listening on that port:
/etc/amavisd.conf:
$inet_socket_port = 10024; # listen on this local TCP port(s)
I presume postfix is using SMTP to speak with amavis.
Why on earth are the changes needed for the external ISP GMX.ES affecting the internal amavis handling?
Why on earth do not you even try to understand the meaning of what you do? You change global postfix behavior and then you are surprised that it strikes back?
Otherwise, how on earth do I configure postfix to send to gmx.es using port 465 properly without affecting the rest?
You may define additional transport with explicit SMTPS and use it instead of "relay" for outgoing mail. Something like (untested) /etc/postfix/master.cf: relay-smtps unix - - n - - smtp # Client-side SMTPS requires "encrypt" or stronger. -o smtp_tls_security_level=encrypt -o smtp_tls_wrappermode=yes /etc/postfix/main.cf: relay_transport = relay-smtps There are likely a lot of different ways how it can be achieved depending on how complicated your configuration is.
Surely people on this continent using the daft Bell network must do something?
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org