Prev-20 Home Next-20 2 msg 2 postfix server on the same domain in differen... 3 msg mailer-deamon sends error messages to: question 3 msg Procmail MAIL FROM timeout with ciphers=high \ Martin Schmitt (Schmitt Systems) (30 Nov 2007) . \ Victor Duchovni (30 Nov 2007) . \ Bill Cole (30 Nov 2007) . . \ Victor Duchovni (30 Nov 2007) . . . \ Martin Schmitt (Schmitt Systems) (3 Dec 2007) . . . . \ Victor Duchovni (3 Dec 2007) . . . . . \ Martin Schmitt (Schmitt Systems) (6 Dec 2007) . . . . . . \ Victor Duchovni (6 Dec 2007) . . . . . . . \ Martin Schmitt (Schmitt Systems) (6 Dec 2007) . . . . . . . . \ Victor Duchovni (6 Dec 2007) . . . . . . . . . \ Martin Schmitt (Schmitt Systems) (6 Dec 2007) . . . . . . . . . . \ Victor Duchovni (6 Dec 2007) . . . . . . . . . . . \ Martin Schmitt (Schmitt Systems) (10 Dec 2007) . . . . . . . . . . . . \ Victor Duchovni (10 Dec 2007) . . \ Martin Schmitt (Schmitt Systems) (3 Dec 2007) 2 msg milter, broken pipe 17 msg How to listen on 587 as well as 25? 6 msg reject_sender_login_mismatch doesnt work 2 msg smtp auth 4 msg Postfix with MYSQL compile error 8 msg mynetworks=<empty> vs mynetworks=<defa... 3 msg message_size_limit with ldap search parameter 2 msg Pipe debugging 12 msg destination_concurrency_limit not respected ? 13 msg Virtual spam forwarding issues 2 msg cleaning up deferred queue 2 msg static nexthop per domain 2 msg Simple postmap question 9 msg Issues with Recipient_Canonical mapping 3 msg Mail server reboot after got flood 3 msg can't create a virtual domain Prev-20 Home Next-20

Prev-Msg Prev-Thread Postfix-users Nov-2007 Next-Thread Next-Msg Subject: Re: MAIL FROM timeout with ciphers=high Group: Postfix-users From: Victor Duchovni Date: 30 Nov 2007 On Fri, Nov 30, 2007 at 12:07:24PM -0500, Bill Cole wrote: > http://www.postfix.org/TLS_README.html provides some enlightenment on > the operational issues with TLS and mail, and they are very real. But this does not concretely address the OP's problem. In this case there is a post-handshake bug in the SSL 3DES cipher implementation in most fielded Microsoft systems (they don't usefully support anything other than RC4). The bug results in 5 clear-text bytes from application memory leaking into SSL application data messages after the valid ciphertext. The resulting data stream is no longer a sequence of SSL/TLS messages and so the connection breaks immediately after the HELO response (first post-handshake reply from the server). When using TLS with Microsoft Crypto-API systems that predate Windows Server 2007 or Vista, one must accept the use of RC4. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the "Reply-To" header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: <mailto:majordomo?body=unsubscribe%20postfix-users> If my response solves your problem, the best way to thank me is to not send an "it worked, thanks" follow-up. If you must respond, please put "It worked, thanks" in the "Subject" so I can delete these quickly. Prev-Msg Prev-Thread Postfix-users Nov-2007 Next-Thread Next-Msg

© 2004-2008 readlist.com