ein Nutzer meiner Emailpostfächer kann sein Outlook 2007 auf einem Windwos XP Rechner mit Kaspersky Internetsecurity nicht mit meinem Postfix Server verbinden. In den logs steht folgendes:
Code: Select all
connect from p5DCCEF32.dip0.t-ipconnect.de[123.123.123.1]
Feb 13 19:13:01 server1 postfix/smtpd[20220]: setting up TLS connection from p5DCCEF32.dip0.t-ipconnect.de[123.123.123.1]
Feb 13 19:13:01 server1 postfix/smtpd[20220]: p5DCCEF32.dip0.t-ipconnect.de[123.123.123.1]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH"
Feb 13 19:13:01 server1 postfix/smtpd[20220]: SSL_accept:before/accept initialization
Feb 13 19:13:01 server1 postfix/smtpd[20220]: SSL3 alert write:fatal:handshake failure
Feb 13 19:13:01 server1 postfix/smtpd[20220]: SSL_accept:error in error
Feb 13 19:13:01 server1 postfix/smtpd[20220]: SSL_accept:error in error
Feb 13 19:13:01 server1 postfix/smtpd[20220]: SSL_accept error from p5DCCEF32.dip0.t-ipconnect.de[123.123.123.1]: -1
Feb 13 19:13:01 server1 postfix/smtpd[20220]: warning: TLS library problem: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:s3_srvr.c:1418:
Feb 13 19:13:01 server1 postfix/smtpd[20220]: lost connection after STARTTLS from p5DCCEF32.dip0.t-ipconnect.de[123.123.123.1]
Feb 13 19:13:01 server1 postfix/smtpd[20220]: disconnect from p5DCCEF32.dip0.t-ipconnect.de[123.123.123.1]
Code: Select all
smtpd_relay_restrictions = permit_sasl_authenticated permit_mynetworks defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
home_mailbox = Maildir/
smtpd_recipient_restrictions = permit_sasl_authenticated reject_unauth_destination permit_inet_interfaces permit_mynetworks
allow_percent_hack = no
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent.db
smtpd_helo_required = yes
milter_default_action = accept
milter_protocol = 2
swap_bangpath = no
append_at_myorigin = no
smtpd_client_restrictions = permit_mynetworks permit_inet_interfaces
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
proxy_interfaces = 88.99.13.106
### incoming connections ###
smtpd_tls_security_level = may
smtpd_tls_cert_file = /home/juvo-design/ssl.cert
smtpd_tls_key_file = /home/juvo-design/ssl.key
smtpd_tls_CAfile = /home/juvo-design/ssl.ca
smtpd_use_tls = yes
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_loglevel = 2
smtpd_sasl_auth_enable = yes
### outgoing connections ###
smtp_tls_security_level=may
smtp_tls_cert_file= /home/juvo-design/ssl.cert
smtp_tls_key_file= /home/juvo-design/ssl.key
smtp_tls_CAfile = /home/juvo-design/ssl.ca
smtp_use_tls = yes
smtp_tls_mandatory_ciphers = high
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
smtp_tls_loglevel = 2
mydomain = juvo-design.de
myhostname = server1.juvo-design.de
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost
message_size_limit = 25000000