toorop / tmail

Golang SMTP server
http://tmail.io
MIT License

454 - TLS handshake failed: remote error: bad certificate #11

Closed goodforever closed 7 years ago

goodforever commented 8 years ago

With either the Let's Encrypt CA or a self-signed CA, I get an error when sending mail:

[iZ23x3b5pgjZ] 2016/09/08 21:00:48.662909 ERROR - smtpd eb812eabccab76734d3ae9c5cd6fbd642dac038f - 183.158.60.79:49967 - 454 - TLS handshake failed: remote error: bad certificate

The sender gets the error: x509: certificate signed by unknown authority

ro78 commented 8 years ago

I'm using Let's Encrypt without problem.

[000.311] --> STARTTLS
[000.415] <-- 220 Ready to start TLS nego
[000.415] STARTTLS command works on this server
[000.681] SSLVersion in use: TLSv1.2
[000.681] Cipher in use: ECDHE-RSA-AES128-SHA
[000.682] Connection converted to SSL
[000.710] Certificate 1 of 3 in chain: subject= /CN=mail.borezo.info issuer= /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
[000.735] Certificate 2 of 3 in chain: subject= /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 issuer= /O=Digital Signature Trust Co./CN=DST Root CA X3
[000.759] Certificate 3 of 3 in chain: subject= /O=Digital Signature Trust Co./CN=DST Root CA X3 issuer= /O=Digital Signature Trust Co./CN=DST Root CA X3
[000.759] Cert VALIDATED: ok
[000.760] Cert Hostname VERIFIED (mail.borezo.info = mail.borezo.info)

In the SSL folder of tmail:

goodforever commented 8 years ago

1. My client doesn't support TLS.
2. My client can send mail via postfix+sasl and smtp.126.com (an email service provider).
3. The Mac mail client (TLS enabled) can send mail via tmail, with both of these configs:
export TMAIL_SMTPD_DSNS="20.127.51.132:25:false"
or
export TMAIL_SMTPD_DSNS="TMAIL_SMTPD_DSNS="20.127.51.132:25:false; 20.127.51.132:465:true"
4. The Mac mail client (TLS disabled) cannot send mail via tmail, with both of these configs:
export TMAIL_SMTPD_DSNS="20.127.51.132:25:false"
or
export TMAIL_SMTPD_DSNS="TMAIL_SMTPD_DSNS="20.127.51.132:25:false; 20.127.51.132:465:true"

The Mac mail client log is:
cannot use mail.domain.com:username@domain.com to send email MCMailErrorDomain error 1045

The full tmail log is:
[iZ23x3b5pgjZ] 2016/09/10 17:54:49.546903 INFO - smtpd 20.127.51.132:25 launched.
[iZ23x3b5pgjZ] 2016/09/10 17:54:49.547110 INFO - smtpd 20.127.51.132:465 SSL launched.
[iZ23x3b5pgjZ] 2016/09/10 17:54:49.551202 INFO - deliverd launched
[iZ23x3b5pgjZ] 2016/09/10 17:56:12.640931 INFO - smtpd fd10f431b9682f3c73816f0c1bf676d512c7a5c8 - 122.234.31.194:56659 - starting new transaction 1/20
[iZ23x3b5pgjZ] 2016/09/10 17:56:12.664370 INFO - smtpd fd10f431b9682f3c73816f0c1bf676d512c7a5c8 - 122.234.31.194:56659 - EOT

ro78 commented 8 years ago

@toorop ?

toorop commented 7 years ago

As I see it, it's an error at the client level. Look at: https://discussions.apple.com/thread/6469755?tstart=0