Mohamed Hassan

Reputation: 11

Exim4 GnuTLS error (gnutls_handshake): An unexpected TLS packet was received

I have Exim4-heavy, GnuTLS.

It was configured correctly and the mail was working fine.

Suddenly I am not able to use TLS, although the SSL certificates are verified.

When I telnet to port 465 it gives:

    # telnet localhost 465
    Trying ::1...
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    ehlo foo

    Connection closed by foreign host.

But when I telnet to port 587:

    # telnet localhost 587
    Trying ::1...
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    220 box01.xxxxxxxxx.com ESMTP Exim 4.90_1 Ubuntu Wed, 29 Apr 2020 15:49:41 +0200
    ehlo foo
    250-box01.xxxxxxxxx.com Hello foo [127.0.0.1]
    250-SIZE 52428800
    250-8BITMIME
    250-PIPELINING
    250-AUTH PLAIN LOGIN
    250-CHUNKING
    250-STARTTLS
    250-PRDR
    250 HELP
    starttls
    220 TLS go ahead
    ehlo foo

    Connection closed by foreign host.

I didn't update anything in the configuration, and it was working 5 days ago.

Also, I got a lot of this error in the log:

    2020-04-29 15:50:02 TLS error on connection from (foo) [127.0.0.1]:55212 I=[127.0.0.1]:587 (gnutls_handshake): An unexpected TLS packet was received.

Upvotes: 1

Views: 3199

Answers (1)

Thomas

Reputation: 123

I had similar problems with exim4. I'll share some of the configuration I made to get it to work.

    echo "IGNORE_SMTP_LINE_LENGTH_LIMIT='true'" >> /etc/exim4/exim4.conf.localmacros
    echo "REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *">> /etc/exim4/exim4.conf.localmacros
    echo "REQUIRE_PROTOCOL = smtps">> /etc/exim4/exim4.conf.localmacros
    echo "MAIN_HARDCODE_PRIMARY_HOSTNAME = localhost" >> /etc/exim4/exim4.conf.localmacros

    echo "MAIN_TLS_ENABLE = 1">> /etc/exim4/exim4.conf.localmacros
    echo "MAIN_TLS_CERTIFICATE=/opt/ssl/localhost.pem" >> /etc/exim4/exim4.conf.localmacros
    echo "MAIN_TLS_PRIVATEKEY=/opt/ssl/localhost-key.pem" >> /etc/exim4/exim4.conf.localmacros
    echo "daemon_smtp_ports = 25 : 465" >> /etc/exim4/exim4.conf.localmacros
    echo "tls_on_connect_ports = 465" >> /etc/exim4/exim4.conf.localmacros
    
    echo "dc_other_hostnames='localhost'" >> /etc/exim4/update-exim4.conf.conf
    echo "dc_eximconfig_configtype='satellite'" >> /etc/exim4/update-exim4.conf.conf
    echo "dc_smarthost='localhost::465'" >> /etc/exim4/update-exim4.conf.conf

I also made sure exim is allowed to read the certificates.

    chown root:Debian-exim /opt/ssl/key.pem
    chown root:Debian-exim /opt/ssl/cert.pem
    chmod 640 /opt/ssl/key.pem
    chmod 640 /opt/ssl/cert.pem

Upvotes: 1
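
The two listeners discussed above start TLS at different points: a port listed in `tls_on_connect_ports` (465) expects the handshake before any SMTP byte, while 587 expects it right after `220 TLS go ahead`, and telnet can perform neither handshake. The probe below is an added example, not part of the original question or answer; it uses Python's standard `smtplib` and `ssl`, and the `probe` function, its return tuple and the `probe.invalid` EHLO name are assumptions of this example.

```python
import smtplib
import ssl

HELO_NAME = "probe.invalid"  # assumed client name sent in EHLO


def probe(host, port, mode, timeout=5.0, verify=False):
    """Return (ok, stage, detail) for one TLS check of an SMTP listener.

    mode="implicit": TLS starts on connect (Exim tls_on_connect_ports, 465).
    mode="starttls": plaintext EHLO, STARTTLS, then the handshake (587).
    """
    ctx = ssl.create_default_context()
    if not verify:  # accept self-signed or internal certificates
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    stage = "connect"
    try:
        if mode == "implicit":
            # The handshake comes before any SMTP byte on this kind of port.
            conn = smtplib.SMTP_SSL(host, port, local_hostname=HELO_NAME,
                                    timeout=timeout, context=ctx)
        else:
            conn = smtplib.SMTP(host, port, local_hostname=HELO_NAME,
                                timeout=timeout)
            stage = "starttls-offer"
            conn.ehlo()
            if not conn.has_extn("starttls"):
                conn.close()
                return (False, stage, "STARTTLS not advertised")
            stage = "tls-handshake"
            conn.starttls(context=ctx)  # handshake right after "220 TLS go ahead"
        stage = "ehlo-over-tls"
        code, _ = conn.ehlo()
        detail = conn.sock.version()  # negotiated protocol, e.g. "TLSv1.3"
        conn.quit()
        return (code == 250, stage, detail)
    except ssl.SSLError as exc:
        return (False, "tls-handshake", str(exc))
    except OSError as exc:  # refused, timeout, or an smtplib.SMTPException
        return (False, stage, f"{type(exc).__name__}: {exc}")


if __name__ == "__main__":
    for port, mode in ((465, "implicit"), (587, "starttls")):
        print(port, mode, probe("localhost", port, mode))
```

Certificate verification is off by default so that self-signed certificates can be probed; pass `verify=True` to check the chain and hostname the way a real client would.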
