On Tue, Sep 24, 2024 at 09:54:27PM +0800, Wesley via Postfix-users wrote:
> I have a backup MX server which shows this error in its mail.log:
>
> Sep 24 21:49:18 mxback postfix/smtps/smtpd[24711]: connect from
> unknown[165.154.138.57]
> Sep 24 21:49:18 mxback postfix/smtps/smtpd[24711]: SSL_accept error from
> unknown[165.154.138.57]: -1
> Sep 24 21:49:18 mxback postfix/smtps/smtpd[24711]: warning: TLS library
> problem: error:0A00006C:SSL routines::bad key
> share:../ssl/statem/extensions_srvr.c:646:
> Sep 24 21:49:18 mxback postfix/smtps/smtpd[24711]: lost connection after
> CONNECT from unknown[165.154.138.57]
> Sep 24 21:49:18 mxback postfix/smtps/smtpd[24711]: disconnect from
> unknown[165.154.138.57] commands=0/0
>
> do you know what are "SSL_accept error" and "TLS library problem" in above
> statements?
Treat these as line noise, that results from some scan engine (shodan,
or the like) probing the TLS features of your submission service. Just
ignore these. The essential details are:
- The client had no FCrDNS name
- It connected to your submission service
- Something went wrong with the TLS handshake
The rest is immaterial, unless one of your mailbox users is currently in
Hong Kong. From "whois 165.154.138.57":
route: 165.154.138.0/24
origin: AS135377
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
FLAT/RM 603 6/F
LAWS COMMERCIAL PLAZA
788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2022-07-21T17:32:50Z
country: DE
source: APNIC
--
Viktor.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
