sslug-teknik team mailing list archive

Postfix/SASL/TLS strange log entries

 

Hi,

I have just set up SASL+TLS support on my Postfix 2.1.3 server, and it
works fine, but I am getting a lot of slightly mysterious log entries:

Aug  2 13:20:21 elmer postfix/smtpd[3638]: setting up TLS connection from XXX[aaa.bbb.ccc.ddd]
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:before/accept initialization
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE298] (11 bytes => -1 (0xFFFFFFFF))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:error in SSLv2/v3 read client hello A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE298] (11 bytes => 11 (0xB))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0000 16 03 01 00 73 01 00 00|6f 03 01     ....s... o..
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE2A3] (109 bytes => -1 (0xFFFFFFFF))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:error in SSLv3 read client hello B
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:error in SSLv3 read client hello B
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE2A3] (109 bytes => 109 (0x6D))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0000 00 07 fe 97 a5 fa 67 0c|73 fb f3 e5 6f f5 50 99  ......g. s...o.P.
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0010 c3 18 d0 b4 b4 ff 2b 27|13 31 9d 2c cb e3 53 58  ......+' .1.,..SX
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0020 20 cd 9d d8 48 b3 d0 f4|4e c9 6c 69 01 0f 1f 26   ...H... N.li...&
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0030 2f e8 96 d6 5c 3a 15 7d|a4 69 02 2c a8 9c db c7  /...\:.} .i.,....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0040 0a 00 28 00 39 00 38 00|35 00 33 00 32 00 04 00  ..(.9.8. 5.3.2...
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0050 05 00 2f 00 16 00 13 fe|ff 00 0a 00 15 00 12 fe  ../..... ........
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0060 fe 00 09 00 64 00 62 00|03 00 06 01     ....d.b. ....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 006d - <SPACES/NULS>?
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:SSLv3 read client hello B
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:SSLv3 write server hello A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:SSLv3 write change cipher spec A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:SSLv3 write finished A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: write to 080CD9D0 [080C7AB0] (138 bytes => 138 (0x8A))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0000 16 03 01 00 4a 02 00 00|46 03 01 41 0e 23 75 df  ....J... F..A.#u.
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0010 48 fb fd 7a 83 6f 41 b9|6a e5 34 d5 14 0d f0 98  H..z.oA. j.4.....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0020 c7 26 04 8c 7c e8 1e 77|a9 41 0c 20 cd 9d d8 48  .&..|..w .A. ...H
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0030 b3 d0 f4 4e c9 6c 69 01|0f 1f 26 2f e8 96 d6 5c  ...N.li. ..&/...\
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0040 3a 15 7d a4 69 02 2c a8|9c db c7 0a 00 39 00 14  :.}.i.,. .....9..
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0050 03 01 00 01 01 16 03 01|00 30 4a a9 ee d2 9c 05  ........ .0J.....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0060 67 65 e7 38 50 2b ad 65|52 e0 6a a1 f8 dc e4 da  ge.8P+.e R.j.....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0070 5a 4d 88 ca 16 2e db c4|66 5f 68 4d a4 ab 67 17  ZM...... f_hM..g.
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0080 f0 43 83 16 4e b6 d4 0b|8e ff     .C..N... ..
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:SSLv3 flush data
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE298] (5 bytes => -1 (0xFFFFFFFF))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:error in SSLv3 read finished A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE298] (5 bytes => 5 (0x5))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0000 14 03 01 00 01     .....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE29D] (1 bytes => -1 (0xFFFFFFFF))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:error in SSLv3 read finished A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE29D] (1 bytes => 1 (0x1))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0000 01     .
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE298] (5 bytes => -1 (0xFFFFFFFF))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:error in SSLv3 read finished A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE298] (5 bytes => 5 (0x5))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0000 16 03 01 00 30     ....0
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE29D] (48 bytes => -1 (0xFFFFFFFF))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:error in SSLv3 read finished A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: read from 080CD9D0 [080BE29D] (48 bytes => 48 (0x30))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0000 a0 7d 86 14 79 25 fb 9d|77 dd 6c 33 27 b5 7e 8f  .}..y%.. w.l3'.~.
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0010 7a 3a 55 df 92 60 4f 4f|92 61 b5 93 bc 34 80 09  z:U..`OO .a...4..
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0020 87 63 75 53 9b 4a 01 e5|ad 02 80 88 fe ba bc 03  .cuS.J.. ........
Aug  2 13:20:21 elmer postfix/smtpd[3638]: SSL_accept:SSLv3 read finished A
Aug  2 13:20:21 elmer postfix/smtpd[3638]: TLS connection established from XXX[aaa.bbb.ccc.ddd]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 28217248043: client=XXX[aaa.bbb.ccc.ddd], sasl_method=PLAIN, sasl_username=XXX

Since it works, I think it is a bit odd that these messages appear. Is
something actually wrong, or is smtpd just complaining unnecessarily?

I have a script that automatically sends me everything from the log files
that I have not asked to have filtered out, and it will probably be a bit
hard to filter out those chunks of encrypted data (or whatever it is), so
it would also be nice if someone knows how to get it to stop writing all
that unnecessary information to the log files?

-- 
Anders
PGPKey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x8BFECB41
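
Added example, not part of the original post: the hex dumps in the log are the raw TLS records exchanged during the handshake. This Python sketch rebuilds the 138-byte server write from ten log lines copied from the post, splits it into TLS records and reads the cipher suite ID out of the ServerHello; the function and variable names are chosen here for illustration.

```python
import re

# Ten lines copied verbatim from the log in the post (the 138-byte write).
LOG = r"""Aug  2 13:20:21 elmer postfix/smtpd[3638]: write to 080CD9D0 [080C7AB0] (138 bytes => 138 (0x8A))
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0000 16 03 01 00 4a 02 00 00|46 03 01 41 0e 23 75 df  ....J... F..A.#u.
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0010 48 fb fd 7a 83 6f 41 b9|6a e5 34 d5 14 0d f0 98  H..z.oA. j.4.....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0020 c7 26 04 8c 7c e8 1e 77|a9 41 0c 20 cd 9d d8 48  .&..|..w .A. ...H
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0030 b3 d0 f4 4e c9 6c 69 01|0f 1f 26 2f e8 96 d6 5c  ...N.li. ..&/...\
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0040 3a 15 7d a4 69 02 2c a8|9c db c7 0a 00 39 00 14  :.}.i.,. .....9..
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0050 03 01 00 01 01 16 03 01|00 30 4a a9 ee d2 9c 05  ........ .0J.....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0060 67 65 e7 38 50 2b ad 65|52 e0 6a a1 f8 dc e4 da  ge.8P+.e R.j.....
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0070 5a 4d 88 ca 16 2e db c4|66 5f 68 4d a4 ab 67 17  ZM...... f_hM..g.
Aug  2 13:20:21 elmer postfix/smtpd[3638]: 0080 f0 43 83 16 4e b6 d4 0b|8e ff     .C..N... ..
"""

# Offset, hex pairs separated by ' ' or '|', then at least two spaces before the ASCII column.
DUMP = re.compile(r"smtpd\[\d+\]: [0-9a-f]{4} ((?:[0-9a-f]{2}[ |])*[0-9a-f]{2}) {2,}")
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}

def dump_bytes(log):
    """Rebuild the raw bytes from the hex-dump log lines, ignoring other lines."""
    out = bytearray()
    for line in log.splitlines():
        m = DUMP.search(line)
        if m:
            out += bytes.fromhex(m.group(1).replace("|", " "))
    return bytes(out)

def tls_records(data):
    """Split a byte stream into (content_type, (major, minor), payload) records."""
    records, pos = [], 0
    while pos < len(data):
        if pos + 5 > len(data):
            raise ValueError("truncated record header")
        length = int.from_bytes(data[pos + 3:pos + 5], "big")
        payload = data[pos + 5:pos + 5 + length]
        if len(payload) < length:
            raise ValueError("truncated record payload")
        name = CONTENT_TYPES.get(data[pos], f"unknown({data[pos]})")
        records.append((name, (data[pos + 1], data[pos + 2]), payload))
        pos += 5 + length
    return records

def server_hello_cipher(payload):
    """Return the cipher suite ID chosen in a ServerHello handshake message."""
    if payload[0] != 2:
        raise ValueError("not a ServerHello")
    sid_len = payload[38]  # after 4-byte header, 2-byte version, 32-byte random
    return int.from_bytes(payload[39 + sid_len:41 + sid_len], "big")
```

The write decodes to three TLS 1.0 records (handshake, change_cipher_spec, handshake), and the ServerHello carries suite 0x0039, the ID of TLS_DHE_RSA_WITH_AES_256_CBC_SHA, which OpenSSL names DHE-RSA-AES256-SHA as in the "TLS connection established" line. Postfix's `smtpd_tls_loglevel` parameter controls this verbosity; its documentation describes level 3 as adding a hexadecimal and ASCII dump of the TLS negotiation.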