I configured smtp auth over TLS for my Exim server, but when Outlook clients attempt to connect to it, they fail. Right now, I have a self signed certificate installed on Exim. 2009-06-16 11:20:44 TLS error on connection from adsl-71-151-79-51.dsl.snfc21.pacbell.net (Terry2) [71.151.79.51] (gnutls_handshake): A TLS packet with unexpected length was received. Anyone have SMTP auth working with on their Exim server where a client attempts to connect using Outlook 2007. I know, I hate Microsoft too. :( I verified that Evolution works as a client using TLS and PLAIN or LOGIN method. I am using Lenny and the most recent package. brian -- Brian Lavender http://www.brie.com/brian/
Boyd Stephen Smith Jr.
2009-Jun-17 19:38 UTC
[Pkg-exim4-users] SMTP AUTH server question with TLS
In <20090617184256.GZ7673 at brie.com>, Brian Lavender wrote:>I configured smtp auth over TLS for my Exim server, but when Outlook >clients attempt to connect to it, they fail. Right now, I have a self >signed certificate installed on Exim.IIRC, Outlook may not like the modern negotiated TLS, and instead want to use the informal "SMTPS", where the TLS connection is set up immediately. Make sure the Outlook clients are using a port listed in your tls_on_connect_ports in the "main" part of your configuration. IIRC, 465 is the most common port used for "SMTPS". -- Boyd Stephen Smith Jr. ,= ,-_-. =. bss at iguanasuicide.net ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-''(. .)`-'' http://iguanasuicide.net/ \_/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: <http://lists.alioth.debian.org/pipermail/pkg-exim4-users/attachments/20090617/011d71f6/attachment.pgp>
For some reason, it just doesn''t want to work. In the file 03_exim4-config_tlsoptions, I put the option tls_on_connect_ports=465 then in Outlook, I put in authenticate for outgoing mail using SSL and on port 465. But then on the log for Exim, I get the following error. 2009-06-17 20:49:55 TLS error on connection from 76-191-246-8.dsl.static.sonic.net [76.191.246.8] (gnutls_handshake): A TLS packet with unexpected length was received. This just baffles me. brian On Wed, Jun 17, 2009 at 02:38:45PM -0500, Boyd Stephen Smith Jr. wrote:> In <20090617184256.GZ7673 at brie.com>, Brian Lavender wrote: > >I configured smtp auth over TLS for my Exim server, but when Outlook > >clients attempt to connect to it, they fail. Right now, I have a self > >signed certificate installed on Exim. > > IIRC, Outlook may not like the modern negotiated TLS, and instead want to > use the informal "SMTPS", where the TLS connection is set up immediately. > > Make sure the Outlook clients are using a port listed in your > tls_on_connect_ports in the "main" part of your configuration. IIRC, 465 is > the most common port used for "SMTPS". > -- > Boyd Stephen Smith Jr. ,= ,-_-. =. > bss at iguanasuicide.net ((_/)o o(\_)) > ICQ: 514984 YM/AIM: DaTwinkDaddy `-''(. .)`-'' > http://iguanasuicide.net/ \_/ >> _______________________________________________ > Pkg-exim4-users mailing list > Pkg-exim4-users at lists.alioth.debian.org > http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-users-- Brian Lavender http://www.brie.com/brian/
It appears to be a problem with the CA list. I unchecked a number of CAs in the list using the following command. dpkg-reconfigure ca-certificates And, it worked. It seems related to this thread. http://lists.alioth.debian.org/pipermail/pkg-exim4-users/2008-April/001351.html I did the port 465 with the SSL config. brian On Wed, Jun 17, 2009 at 08:50:29PM -0700, Brian Lavender wrote:> For some reason, it just doesn''t want to work. > > In the file 03_exim4-config_tlsoptions, I put the option > > tls_on_connect_ports=465 > > then in Outlook, I put in authenticate for outgoing mail using SSL and > on port 465. But then on the log for Exim, I get the following error. > > 2009-06-17 20:49:55 TLS error on connection from 76-191-246-8.dsl.static.sonic.net [76.191.246.8] (gnutls_handshake): A TLS packet with unexpected length was received. > > This just baffles me. > > brian > > On Wed, Jun 17, 2009 at 02:38:45PM -0500, Boyd Stephen Smith Jr. wrote: > > In <20090617184256.GZ7673 at brie.com>, Brian Lavender wrote: > > >I configured smtp auth over TLS for my Exim server, but when Outlook > > >clients attempt to connect to it, they fail. Right now, I have a self > > >signed certificate installed on Exim. > > > > IIRC, Outlook may not like the modern negotiated TLS, and instead want to > > use the informal "SMTPS", where the TLS connection is set up immediately. > > > > Make sure the Outlook clients are using a port listed in your > > tls_on_connect_ports in the "main" part of your configuration. IIRC, 465 is > > the most common port used for "SMTPS". > > -- > > Boyd Stephen Smith Jr. ,= ,-_-. =. > > bss at iguanasuicide.net ((_/)o o(\_)) > > ICQ: 514984 YM/AIM: DaTwinkDaddy `-''(. .)`-'' > > http://iguanasuicide.net/ \_/ > > > > > > > _______________________________________________ > > Pkg-exim4-users mailing list > > Pkg-exim4-users at lists.alioth.debian.org > > http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-users > > -- > Brian Lavender > http://www.brie.com/brian/ > > _______________________________________________ > Pkg-exim4-users mailing list > Pkg-exim4-users at lists.alioth.debian.org > http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-users-- Brian Lavender http://www.brie.com/brian/