Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1011040: postfix: fail TLS connection
1,343 views
Skip to first unread message
Robin Cook
May 15, 2022, 8:40:03 PM5/15/22
to
Package: postfix
Version: 3.6.4-1+b3
Severity: important
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* postfix/smtps/smtpd[4002368]: warning: TLS library problem: error:0A000126:SSL routines::unexpected eof while reading:../ssl/record/rec_layer_s3.c:308
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.16.0-6-amd64 (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages postfix depends on:
ii adduser 3.121
ii cpio 2.13+dfsg-7
ii debconf [debconf-2.0] 1.5.79
ii dpkg 1.21.7
ii e2fsprogs 1.46.5-2
ii init-system-helpers 1.62
ii libc6 2.33-7
ii libdb5.3 5.3.28+dfsg1-0.9
ii libicu71 71.1-3
ii libnsl2 1.3.0-2
ii libsasl2-2 2.1.28+dfsg-5
ii libssl3 3.0.3-3
ii lsb-base 11.1.0
ii netbase 6.3
ii ssl-cert 1.1.2
Versions of packages postfix recommends:
ii ca-certificates 20211016
ii python3 3.10.4-1+b1
Versions of packages postfix suggests:
ii bsd-mailx [mail-reader] 8.1.2-0.20220412cvs-1
ii dovecot-core [dovecot-common] 1:2.3.18+dfsg1-1+b2
ii libsasl2-modules 2.1.28+dfsg-5
ii mutt [mail-reader] 2.2.4-1
pn postfix-cdb <none>
pn postfix-doc <none>
pn postfix-ldap <none>
pn postfix-lmdb <none>
pn postfix-mta-sts-resolver <none>
pn postfix-mysql <none>
pn postfix-pcre <none>
pn postfix-pgsql <none>
ii postfix-sqlite 3.6.4-1+b3
ii procmail 3.22-27
ii resolvconf 1.91
pn ufw <none>
-- debconf information:
postfix/kernel_version_warning:
postfix/lmtp_retired_warning: true
postfix/bad_recipient_delimiter:
postfix/sqlite_warning:
postfix/not_configured:
postfix/mailbox_limit: 0
postfix/recipient_delim: +
* postfix/mailname: phlare.wyrms.net
postfix/chattr: false
postfix/mynetworks: 67.79.105.160/28, 192.168.10.0/24, 127.0.0.0/8
postfix/newaliases: false
postfix/relayhost:
postfix/retry_upgrade_warning:
postfix/root_address:
postfix/dynamicmaps_conversion_warning:
postfix/destinations: wyrms.net, phlare.wyrms.net, mail.wyrms.net, www.wyrms.net, ftp.wyrms.net, irc.wyrms.net, localhost.wyrms.net, localhost
postfix/main_cf_conversion_warning: true
postfix/procmail: true
postfix/compat_conversion_warning: true
postfix/mydomain_warning:
postfix/tlsmgr_upgrade_warning:
postfix/rfc1035_violation: false
* postfix/main_mailer_type: Internet Site
postfix/protocols: ipv4
postfix/relay_restrictions_warning:
Version: 3.6.4-1+b3
Severity: important
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* postfix/smtps/smtpd[4002368]: warning: TLS library problem: error:0A000126:SSL routines::unexpected eof while reading:../ssl/record/rec_layer_s3.c:308
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.16.0-6-amd64 (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages postfix depends on:
ii adduser 3.121
ii cpio 2.13+dfsg-7
ii debconf [debconf-2.0] 1.5.79
ii dpkg 1.21.7
ii e2fsprogs 1.46.5-2
ii init-system-helpers 1.62
ii libc6 2.33-7
ii libdb5.3 5.3.28+dfsg1-0.9
ii libicu71 71.1-3
ii libnsl2 1.3.0-2
ii libsasl2-2 2.1.28+dfsg-5
ii libssl3 3.0.3-3
ii lsb-base 11.1.0
ii netbase 6.3
ii ssl-cert 1.1.2
Versions of packages postfix recommends:
ii ca-certificates 20211016
ii python3 3.10.4-1+b1
Versions of packages postfix suggests:
ii bsd-mailx [mail-reader] 8.1.2-0.20220412cvs-1
ii dovecot-core [dovecot-common] 1:2.3.18+dfsg1-1+b2
ii libsasl2-modules 2.1.28+dfsg-5
ii mutt [mail-reader] 2.2.4-1
pn postfix-cdb <none>
pn postfix-doc <none>
pn postfix-ldap <none>
pn postfix-lmdb <none>
pn postfix-mta-sts-resolver <none>
pn postfix-mysql <none>
pn postfix-pcre <none>
pn postfix-pgsql <none>
ii postfix-sqlite 3.6.4-1+b3
ii procmail 3.22-27
ii resolvconf 1.91
pn ufw <none>
-- debconf information:
postfix/kernel_version_warning:
postfix/lmtp_retired_warning: true
postfix/bad_recipient_delimiter:
postfix/sqlite_warning:
postfix/not_configured:
postfix/mailbox_limit: 0
postfix/recipient_delim: +
* postfix/mailname: phlare.wyrms.net
postfix/chattr: false
postfix/mynetworks: 67.79.105.160/28, 192.168.10.0/24, 127.0.0.0/8
postfix/newaliases: false
postfix/relayhost:
postfix/retry_upgrade_warning:
postfix/root_address:
postfix/dynamicmaps_conversion_warning:
postfix/destinations: wyrms.net, phlare.wyrms.net, mail.wyrms.net, www.wyrms.net, ftp.wyrms.net, irc.wyrms.net, localhost.wyrms.net, localhost
postfix/main_cf_conversion_warning: true
postfix/procmail: true
postfix/compat_conversion_warning: true
postfix/mydomain_warning:
postfix/tlsmgr_upgrade_warning:
postfix/rfc1035_violation: false
* postfix/main_mailer_type: Internet Site
postfix/protocols: ipv4
postfix/relay_restrictions_warning:
Kevin Walton
Jun 23, 2022, 10:20:04 AM6/23/22
to
Hi
Apologies I suspect this is not the right place to email - but I can't
find out where to ask. I also have this error on a brand new mail
server, and I don't understand the impact of it. I asked here:
https://askubuntu.com/questions/1411682/how-do-i-fix-postfix-submission-tls-error-unexpected-eof-while-reading-ssl
but have not been able to get any replies.
Any help appreciated
Thanks very much
Kevin
--
Kevin Walton
Mobile: 07867 825 847
Apologies I suspect this is not the right place to email - but I can't
find out where to ask. I also have this error on a brand new mail
server, and I don't understand the impact of it. I asked here:
https://askubuntu.com/questions/1411682/how-do-i-fix-postfix-submission-tls-error-unexpected-eof-while-reading-ssl
but have not been able to get any replies.
Any help appreciated
Thanks very much
Kevin
--
Kevin Walton
Mobile: 07867 825 847
Antoine Le Gonidec
Aug 3, 2022, 1:50:03 PM8/3/22
to
On Sun, 15 May 2022 19:29:36 -0500 Robin Cook <rc...@wyrms.net> wrote:
> * postfix/smtps/smtpd[4002368]: warning: TLS library problem: error:0A000126:SSL routines::unexpected eof while reading:../ssl/record/rec_layer_s3.c:308
On an up-to-date Debian Sid (postfix 3.6.4-1+b3) I can reliably trigger this error with the following command run from the same server that is hosting Postfix:
> * postfix/smtps/smtpd[4002368]: warning: TLS library problem: error:0A000126:SSL routines::unexpected eof while reading:../ssl/record/rec_layer_s3.c:308
openssl s_client -connect localhost:smtp -starttls smtp
I hope this can help in diagnosing what is causing it in the first place.
Samuli Suonpää
Jan 21, 2023, 10:10:04 AM1/21/23
to
On Wed, 3 Aug 2022 19:35:27 +0200 Antoine Le Gonidec <debia...@dotslashplay.it> wrote:
> On Sun, 15 May 2022 19:29:36 -0500 Robin Cook <rc...@wyrms.net> wrote:
> On Sun, 15 May 2022 19:29:36 -0500 Robin Cook <rc...@wyrms.net> wrote:
> > * postfix/smtps/smtpd[4002368]: warning: TLS library problem: error:0A000126:SSL routines::unexpected eof while reading:../ssl/record/rec_layer_s3.c:308
>
>
> On an up-to-date Debian Sid (postfix 3.6.4-1+b3) I can reliably trigger this error with the following command run from the same server that is hosting Postfix:
>
> openssl s_client -connect localhost:smtp -starttls smtp
>
> I hope this can help in diagnosing what is causing it in the first place.
I just encountered this bugs and can also reproduce it in 3.7.3-4.
>
> openssl s_client -connect localhost:smtp -starttls smtp
>
> I hope this can help in diagnosing what is causing it in the first place.
Basically this is about client disconnecting without issueing a proper SSL_shutdown(). Behaviour of OpenSSL has changed between 1.1.1 and 3.0.
Upstream is discussing the bug here and it seems the proposed fix has been accepted and will be included in the next stable release, within a few days.
https://www.mail-archive.com/postfi...@postfix.org/msg97759.html
--
Samuli Suonpää
Scott Kitterman
Jan 21, 2023, 10:12:58 AM1/21/23
to
expected this weekend.
Scott K
0 new messages