lord-icon
Apr 15, 2015, updated at 17:32:43 (UTC)
view1434
view2
0
Goto Top

CheckTLS TestSender FAILED

GermansolvedQuestionE-MailInternet
Moins..

ich versuch grad n neuen Mailserver aufzubauen. Diesmal mit SSL face-wink
Prinzipell klappt alles. Ich kann auf allen Ports senden uns auch empfangen.
993 für IMAP(S)
995 für POP3(S)
465 für SMTP(S)

Nun hab ich mal einen SSL Email-Test rüberschicken lassen... der natürlich gleich fehlschlag.

Anbei das, was ich zurückbekommen hab.

Was soll ich noch posten?
main.cf /dovecot.conf / transport oder die master.
Will jetzt nicht den ganzen Post endlos erscheinen lassen.

VIELEN VIELEN Dank für Tipps.

Below are the details from your CheckTLS TestSender test from <info@domain.de> via [230.175.195.38] run on 2015-04-15 12:22:26 EDT. 
Original email Subject: sx9zf6sdcvdkv

Your email was sent, however it was NOT SENT SECURELY using TLS.

A transcript of the eMail SMTP session is below:
--> this would be a line from your email system to our test
<-- and this would be a line to your email system from our test

If TLS was negotiated, a line is added:
====tls negotiation successful (cypher: cyphername, client cert: certinfo)

Everything after that line is secure (encrypted), as indicated by:
~~> commands from your system then have wiggly lines
<~~ and responses from our system do too

Any errors that the test noticed are noted in the log by asterisk boxes:
***************************************
*** ********** Error Note ********* ***
***                                 ***
*** The error message would be here ***
***                                 ***
***************************************
***************************************

___TRANSCRIPT BEGINS ON THE NEXT LINE___
<-- 220 ts3.checktls.com CheckTLS TestSender Wed, 15 Apr 2015 12:22:25 -0400
--> EHLO mail.domain.de
<-- 250-ts3.checktls.com Hello mail.domain.de [230.175.195.38], pleased to meet you
<-- 250-ENHANCEDSTATUSCODES
<-- 250-8BITMIME
<-- 250-STARTTLS
<-- 250 HELP
--> MAIL FROM:<info@domain.de> BODY=7BIT
<-- 250 Ok - mail from info@domain.de
--> RCPT TO:<test@TestSender.CheckTLS.com>
<-- 250 Ok - recipient test@TestSender.CheckTLS.com
--> DATA
<-- 354 Send data.  End with CRLF.CRLF
--> Received: from localhost (localhost [127.0.0.1])
--> 	by mail.domain.de (Postfix) with ESMTP id A7002340082
--> 	for <test@TestSender.CheckTLS.com>; Wed, 15 Apr 2015 18:22:24 +0200 (CEST)
--> X-Virus-Scanned: Debian amavisd-new
--> Received: from [192.168.0.91] (ip5b584483.dynamic.kabel-deutschland.de [65.458.52.131])
--> 	by mail.domain.de (Postfix) with ESMTPSA id 9222234007C
--> 	for <test@TestSender.CheckTLS.com>; Wed, 15 Apr 2015 18:22:23 +0200 (CEST)
--> Message-ID: <552E9040.2080603@domain.de>
--> Date: Wed, 15 Apr 2015 18:22:24 +0200
--> From: t <info@domain.de>
--> User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
--> MIME-Version: 1.0
--> To: test@TestSender.CheckTLS.com
--> Subject: sx9zf6sdcvdkv
--> Content-Type: text/plain; charset=utf-8; format=flowed
--> Content-Transfer-Encoding: 7bit
--> 
--> 
--> .
<-- 250 Ok
--> QUIT
<-- 221 ts3.checktls.com closing connection
comment-contentCommentShareShare
Share on Facebook Share on Twitter Share on Reddit Share on Linkedin

Content-Key: 269236

Url: https://administrator.de/contentid/269236

Printed on: April 25, 2024 at 16:04 o'clock

2 Comments
Latest comment
Goto Top
Member: lord-icon
lord-icon Apr 15, 2015 updated at 17:33:03 (UTC)
Goto Top
Ich hab das ganze mal auf GMail getestet. Da geht es. Fraglich ist nun, was ich falsch gemacht habe bzw. noch nicht eingestellt habe.

Hier nochmal meine ersten 8 Header Zeilen, die identisch sind mit GMail.
___TRANSCRIPT BEGINS ON THE NEXT LINE___ 
<-- 220 ts3.checktls.com CheckTLS TestSender Wed, 15 Apr 2015 12:22:25 -0400 
--> EHLO mail.domain.de 
<-- 250-ts3.checktls.com Hello mail.domain.de [230.175.195.38], pleased to meet you 
<-- 250-ENHANCEDSTATUSCODES 
<-- 250-8BITMIME 
<-- 250-STARTTLS 
<-- 250 HELP 
Bei GMail siehts so aus:
___TRANSCRIPT BEGINS ON THE NEXT LINE___
<-- 220 ts3.checktls.com CheckTLS TestSender Wed, 15 Apr 2015 13:14:58 -0400
--> EHLO mail-ob0-f172.google.com
<-- 250-ts3.checktls.com Hello mail-ob0-f172.google.com [209.85.214.172], pleased to meet you
<-- 250-ENHANCEDSTATUSCODES
<-- 250-8BITMIME
<-- 250-STARTTLS
<-- 250 HELP
--> STARTTLS
<-- 220 Ready to start TLS

Wie erreiche ich das ?
Member: lord-icon
lord-icon Apr 15, 2015 at 17:34:36 (UTC)
Goto Top
gelöst

ich habe in der main.cf folgendes hinzugefügen:

smtpd_tls_received_header = yes
smtp_tls_loglevel = 1
smtp_tls_security_level = may
GermansolvedQuestionE-MailInternet
Hotly discussed
gleixnerdCheck of ZFW Firewallgleixnerd - 5 CommentsjstrickerWireguard VPN on UDM Pro behind Fritzbox - Handshake did not completejstricker - 3 Comments