Package:ssmtp
Version:2.62-3
-------- Message original --------
Sujet: Message with no Package: tag cannot be processed! (Package:
SSMTP ----> SSMTP ne respecte pas le RFC5246 lors du key Exchange en
mode STARTTLS)
Date : Thu, 05 Jan 2012 16:51:06 +0000
De : ow...@bugs.debian.org (Debian Bug Tracking System)
Pour : Support Bluebird <supp...@bluebirdcommunication.ch>
Your message didn't have a Package: line at the very first line of the
mail body (part of the pseudo-header), or didn't have a Package: line
at all. Unfortunatly, this means that your message has been ignored
completely.
Without this information we are unable to categorise or otherwise deal
with your problem report. Please _resubmit_ your report to
sub...@bugs.debian.org and tell us which package the
report is for. For help, check out
http://www.debian.org/Bugs/Reporting.
Your message was dated Thu, 05 Jan 2012 17:48:15 +0100 and had
message-id<4f05d44f.2010...@bluebirdcommunication.ch>
and subject Package: SSMTP ----> SSMTP ne respecte pas le RFC5246 lors du
key Exchange en mode STARTTLS.
The complete text of it is attached to this message.
If you need any assistance or explanation please contact
ow...@bugs.debian.org and include the the attached
message.
If you didn't send the attached message (spam was sent forging your
from address), we apologize; please disregard this message.
--
-1: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=-1
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
*Package: SSMTP
Version: 2.62-3*
=============================
Bonjour,
Il y a un problème lorsqu'on essaie de faire du STARTTLS.
Lors de l'échange de certificat et de clé, SSMTP ne répond pas avec l'échange
de clé standard de la RFC5246, mais envoie directement les datas ce qui cause
un échec de négociation.
mail -v -s "Test"<mon e-mail>
sdfjsdlkf.
.
Cc:
[<-] 220 smtp1.infomaniak.ch ESMTP Infomaniak Network Relay Mail Servers; Tue,
13 Sep 2011 10:35:09 +0200
[->] EHLO firearrow
[<-] 250 HELP
[->] STARTTLS
[<-] 220 2.0.0 Ready to start TLS
[->] EHLO firearrow
[<-]
send-mail: (firearrow)
Can't send mail: sendmail process failed with error code 1
Veuillez trouver, ci-joint, mon fichier ssmtp.conf
Mon fournisseur ISP d'e-mail me donne le feedback suivant :
Dans la trace TCPdump l'erreur actuelle survient dans l'échange TLS, qui n'est
pas respecté.
RFC TLS :http://www.rfc-editor.org/rfc/rfc5246.txt
Paragraphe 7.3. Handshake Protocol overview :
Client Server
ClientHello -------->
ServerHello
Certificate*
ServerKeyExchange*
CertificateRequest*
<-------- ServerHelloDone
Certificate*
ClientKeyExchange
CertificateVerify*
[ChangeCipherSpec]
Finished -------->
[ChangeCipherSpec]
<-------- Finished
Application Data<-------> Application Data
(Voir aussi sur Wikipedia, c'est plus clair
:http://en.wikipedia.org/wiki/STARTTLS
ethttp://en.wikipedia.org/wiki/Transport_Layer_Security)
Dans
le TCPdump, l'échange s'arrête au moment ou le serveur émet la
"CertificateRequest", car le client répond juste après du contenu
"Application Data" sans envoyer préalablement son "ClientKeyExchange" et
"CertificateVerify". Le protocole n'est pas respecté et le serveur
réponds donc "Unexpected message".
20 1.660292000 84.16.68.123 192.168.70.51 TLSv1 Server Key
Exchange, Certificate Request, Server Hello Done
21 1.661254000 192.168.70.51 84.16.68.123 TLSv1 Application Data
23 1.689149000 84.16.68.123 192.168.70.51 TLSv1 Alert (Level:
Fatal, Description: Unexpected Message)
Le détail de mes tests se trouve ici
:http://www.debian-fr.org/envoi-e-mail-depuis-le-shell-avec-ssmtp-en-starttls-error-t35231.html
En vous remerciant de votre réponse.
Meilleures salutations
Support Bluebird communication Sarl
#
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
root=supp...@bluebird.pro
AuthUser=*******
AuthPass=*******
UseSTARTTLS=yes
AuthMethod=Login
# The place where the mail goes. The actual machine name is required no
# MX records are consulted. Commonly mailhosts are named mail.domain.com
mailhub=mail.infomaniak.ch:587
# Where will the mail seem to come from?
rewriteDomain=bluebird.pro
# The full hostname
hostname=<my-IP-address>
# Are users allowed to set their own From: address?
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
FromLineOverride=YES
--- End Message ---
