[Pkg-exim4-users] TLS error on connection
ael
witwall3 at disroot.org
Sat Mar 4 18:30:03 GMT 2023
I have Exim4 now working with OAUTH2 sending to a ms outlook.office356
SMTP server (which I am forced to use).
I am using a somewhat adapted exim.conf.template using debian testing.
While testing, I have encountered two apparently benign error messages:
1) H=outlook.xx.office365.com [xx.xx.xxx.xxx] TLS error on connection (recv):
Error in the pull function.
That was after a succesful delivery using XOAUTH2 to the ms SMTP server.
At first I thought that it might be some quirk of the MS XAUTH
implementation.
But the I discovered something similar report with delivery to an "ordinary",
but disreputatble smarthost:
2) H=mail.xx.xxinternet.com [xxx.xxx.xx.x] TLS error on connection (recv): The TLS connection was non-properly terminated.
--------------------------------------------------------
I am using the debian light binary:
# exim -bV
Exim version 4.96 #2 built 04-Feb-2023 12:33:50
Copyright (c) University of Cambridge, 1995 - 2018
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007
- 2022
Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013)
Support for: crypteq iconv() IPv6 GnuTLS TLS_resume move_frozen_messages
DANE DKIM DNSSEC Event I18N OCSP PIPECONNECT PRDR Queue_Ramp SOCKS SRS
TCP_Fast_Open
[..smtp..]
So it is using GNuTLS and what duck-duck-Going I have done seems to
suggest that these error messages may be coming from the gnutls
library rather from the remote SMTP servers.
Perhaps I have simply made a mistake in the configuration, but I have no
such problems with at least 2 other smarthosts, such as disroot,org
through which I am sending this email.
I am using driver=smtp for the transports.
-------------------------------------------------------------------
Below is a part of an exim -v test to the ms XOAUTH2 server somewhat
redacted. The error is in the penultimate line.:
Connecting to outlook.xx.office365.com [xx.xx.xxx.xxx]:587 ... TFO mode sendto, no data: EINPROGRESS
connected
SMTP<< 220 xxxxxxxxxxxx.outlook.office365.com Microsoft ESMTP MAIL Service ready at Sat, 4 Mar 2023 11:14:06 +0000
SMTP>> EHLO me.here
SMTP<< 250-LO4P123CA0173.outlook.office365.com Hello [myip]
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
SMTP>> STARTTLS
SMTP<< 220 2.0.0 SMTP server ready
SMTP>> EHLO me.here
SMTP<< 250-LO4P123CA0173.outlook.office365.com Hello [myip]
250-SIZE 157286400
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-AUTH LOGIN XOAUTH2
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 SMTPUTF8
SMTP>> AUTH XOAUTH2 ************
[.. snip..]
SMTP<< 235 2.7.0 Authentication successful
SMTP|> MAIL FROM:<myemail at somewhere> SIZE=1378 AUTH=ael at me.here
SMTP|> RCPT TO:<witwall3 at disroot.org>
will write message using CHUNKING
SMTP+> BDAT 369 LAST
SMTP>> QUIT
SMTP<< 250 2.1.0 Sender OK
SMTP<< 250 2.1.5 Recipient OK
SMTP<< 250 2.0.0 OK <E1pYPpI-0002cc-2b at me.here> [Hostname=redacted.PROD.OUTLOOK.COM]
SMTP<< 221 2.0.0 Service closing transmission channel
LOG: MAIN
H=outlook.xx.office365.com [ipaddres] TLS error on connection (recv):
Error in the pull function.
SMTP(close)>>
===========================================================================
I need to look at the exim spec again, I suppose. And I am no expert on
TLS, so I would appreciate any help. Maybe I need to look at the source
of the gnutls library and grep for those error messages...
Thanks in advance,
ael
More information about the Pkg-exim4-users
mailing list