(solved) Re: dma fails to connect (error:1408F10B:SSL routines:ssl3_get_record:wrong version number)

From: Ronald Klop <ronald-lists_at_klop.ws>
Date: Sun, 16 Aug 2020 20:52:04 +0200
On Sun, 16 Aug 2020 16:44:51 +0200, Ronald Klop <ronald-lists_at_klop.ws>  
wrote:

> Hi,
>
> I have uname -UK -> 1300101 1300101 in my laptop. This uses libexec/dma  
> as mail agent.
> I have 2 jails running uname -U -> 1300101 and 1300104. All dma configs  
> are the same.
>
> In all 1300101 versions dma can deliver mail to my smarthost. On 1300104  
> I get:
>
> Aug 16 16:29:00 freebsd13_py3 dma[385ba.800e480a0][52169]: trying remote  
> delivery to smtp.greenhost.nl [213.108.110.112] pref 0
> Aug 16 16:29:00 freebsd13_py3 dma[385ba.800e480a0][52169]:  
> SSL_client_method
> Aug 16 16:29:00 freebsd13_py3 dma[385ba.800e480a0][52169]: remote  
> delivery deferred: SSL handshake failed fatally: error:1408F10B:SSL  
> routines:ssl3_get_record:wrong version number
>
> Any thoughts on this?
> bisecting this will take me hours and hours of compilation
>
> Regards,
> Ronald.


I found the cause of the error with ngrep. My jail has an underscore in  
the name and the SMTP EHLO command complained about it. But the error  
handling in dma does not handle this error properly if STARTTLS is  
enabled, so communication with the server goes wrong which results in  
STARTTLS getting weird results later on.

I proposed a fix upstream and will rename my jail to not contain an  
underscore in the hostname.
https://github.com/corecode/dma/pull/87

Computers and all the time consuming little bugs. Arrgh.

Ronald.
Received on Sun Aug 16 2020 - 16:52:11 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:24 UTC