Solved TLS library problem in Mail

I am out of options to fix this warning and error.

Maillog:
Code:
Feb  3 17:08:29 <mail.warn> mail postfix/smtp/smtpd[53871]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:/usr/src/crypto/openssl/ssl/statem/statem_srvr.c:2285:
....
....
Feb  3 17:19:28 <mail.info> mail postfix/smtp/smtpd[78652]: SSL3 alert write:fatal:handshake failure
Feb  3 17:19:28 <mail.info> mail postfix/smtp/smtpd[78652]: SSL_accept:error in error
Feb  3 17:19:28 <mail.info> mail postfix/smtp/smtpd[78652]: SSL_accept error from mail-lf1-f45.google.com.....

CMD:
Code:
# openssl s_client -starttls smtp -crlf -connect Mail_URL:587

CONNECTED(00000004)
34389172224:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:/usr/src/crypto/openssl/ssl/record/rec_layer_s3.c:1603:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 248 bytes and written 355 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)

I rebuilt ports for mail-related software and all others, switched to pkgs, rebuilt FreeBSD and jail src, changed to OpenSSL-devel and reverted back to OpenSSL, etc., but no luck.

I am not receiving emails. I can log in and send from webmail, not with starttls or ssl/tls but with none. The openssl s_client shows the cause, I guess, but I am struggling to fix it.
 
Ohh, there is a valid certificate from letsencrypt but it is not showing. I have no error in postfix. Everything was fine until a recent upgrade. I am no longer behind the PC at the moment. Postfix main.cf has all the TLS related settings: !SSLv2,!SSLv3,!TLS1, TLS1.2, TLS1.3; smtp_...security_level=high (medium tested too), smtp....enforce. =may, etc.

I shall try to get the postconf -d output in the next hours when I am back. But all is fine there; not too strict. The server has TLS/SSL ciphers but they are not even showing in the openssl check. I searched online but no luck either.
 
Check again your letsencrypt certificate.
smtpd_tls_key_file = /usr/local/etc/letsencrypt/live/FQDN/privkey.pem
smtpd_tls_cert_file = /usr/local/etc/letsencrypt/live/FQDN/cert.pem
smtpd_tls_CAfile = /usr/local/etc/letsencrypt/live/FQDN/chain.pem

openssl s_client -starttls smtp -crlf -connect fqdn:587

Or if you are using SNI then provide the FQDN using -servername
openssl s_client -starttls smtp -crlf -connect localhost:587 -servername FQDN
 
Check again your letsencrypt certificate.
That is what I have.

openssl s_client -starttls smtp -crlf -connect fqdn:587
That is what I have up there. The same test on port 443 returns the SSL details.

The URL works on SSL. The error can be interpreted as the server listing no cipher when the client informs the server of its own. The server confirms what to use (NONE), but the conf has it that the SSL cert is set in it, "smtp[d]_use_tls = yes".

error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:/usr/src/crypto/openssl/ssl/record/rec_layer_s3.c:1603:SSL alert number 40
You won't see this error message on your server.
 
It sounds like the postfix smtpd server does not agree with the proposed cipher.
If you are sure the config file is correct, maybe postfix is using a different config file?

To aid in debugging, you could add "smtpd_tls_loglevel=2" to the postfix config file; that should give you something to look at in the logfile.
 
What are your smtpd_tls_protocols and smtpd_tls_ciphers settings under postconf -d?
Is your smtpd certificate valid (trusted)?
Code:
# postconf -d | perl -wnl -e '/smtp[d_]tls_protocols/i and print;  /smtpd_tls_ciphers/i  and print;'   
smtp_tls_protocols = >=TLSv1
smtpd_tls_ciphers = medium
tlsproxy_tls_ciphers = $smtpd_tls_ciphers

The SSL cert is valid and trusted (letsencrypt). I wonder why some arguments return NULL in postconf, e.g. "smtpd_tls_security_level = " despite being set to 'may'.

Another look at the log:
Code:
  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: 00a2 - <SPACES/NULLS>
Feb  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: SSL_accept:before SSL initialization
Feb  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: write to 80249DA80 [802545000] (7 bytes => 7 (0x7))
Feb  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: 0000 15 03 03 00 02 02 28                             ......(
Feb  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: SSL3 alert write:fatal:handshake failure
Feb  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: SSL_accept:error in error
Feb  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: SSL_accept error from mail-psaapc01on2060.outbound.protection.outlook.com[40.107.255.60]: -1
Feb  4 07:06:13 <mail.warn> mail postfix/smtp/smtpd[48638]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:/usr/src/crypto/openssl/ssl/statem/statem_srvr.c:2285:

Main.cf:
Code:
....
smtp_tls_protocols = !SSLv2,!SSLv3,TLSv1,TLSv1.1,TLSv1.2
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
smtp_tls_mandatory_ciphers = MEDIUM
smtp_tls_exclude_ciphers=aNULL:eNULL:LOW:3DES:MD5:MEDIUM:EXP:PSK:DSS:RC4:SEED:ECDSA:CAMELLIA256-SHA
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:AES256-SHA:CA......
.....
.....
smtpd_tls_protocols = !SSLv2,!SSLv3,TLSv1,TLSv1.1,TLSv1.2
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
smtpd_tls_mandatory_ciphers =HIGH
smtpd_tls_exclude_ciphers=aNULL:eNULL:LOW:3DES:MD5:MEDIUM:EXP:PSK:DSS:RC4:SEED:ECDSA:CAMELLIA256-SHA
tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:AES256-SHA:CA.....
tls_random_source = dev:/dev/urandom
And smtp[d]_use_tls=yes/may in it.
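As an added example (not from this thread or from Postfix), a Python script that runs the check a defender would want over lines in the maillog format quoted above: it groups smtpd handshake failures by peer, extracts the OpenSSL reason ("no shared cipher") and decodes the hex-dumped 7-byte record (15 03 03 00 02 02 28) as a TLS alert record, which is what "SSL alert number 40" in the s_client output refers to. The log lines are constructed; hostnames, addresses and PIDs are made up.

```python
import re
from collections import defaultdict

# Constructed sample in the maillog format quoted in this thread (hosts, addresses and PIDs made up).
SAMPLE_LOG = """\
Feb  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: 0000 15 03 03 00 02 02 28                             ......(
Feb  4 07:06:13 <mail.info> mail postfix/smtp/smtpd[48638]: SSL_accept error from mx.example.test[192.0.2.10]: -1
Feb  4 07:06:13 <mail.warn> mail postfix/smtp/smtpd[48638]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:2285:
Feb  4 07:06:14 <mail.info> mail postfix/smtp/smtpd[48639]: Anonymous TLS connection established from relay.example.test[198.51.100.7]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
Feb  4 07:06:15 <mail.info> mail postfix/smtp/smtpd[48640]: SSL_accept error from mx.example.test[192.0.2.10]: -1
Feb  4 07:06:15 <mail.warn> mail postfix/smtp/smtpd[48640]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:2285:
"""
LINE_RE = re.compile(r"postfix/smtp/smtpd\[(\d+)\]: (.*)$")
PEER_RE = re.compile(r"SSL_accept error from (\S+)\[[0-9a-fA-F.:]+\]")
REASON_RE = re.compile(r"TLS library problem: .*SSL routines:\w+:([^:]+):")
HEX_RE = re.compile(r"^0000((?: [0-9a-f]{2})+)")
ALERT_NAMES = {40: "handshake_failure", 42: "bad_certificate", 48: "unknown_ca", 70: "protocol_version"}

def decode_tls_alert(hexdump):
    """Decode a hex-dumped TLS record; None unless it is a 2-byte alert record (content type 0x15)."""
    raw = bytes.fromhex(hexdump.replace(" ", ""))
    if len(raw) != 7 or raw[0] != 0x15 or raw[1] != 3:
        return None
    return {"record_version": f"TLS1.{raw[2] - 1}",          # 03 03 is the TLS 1.2 record version
            "level": {1: "warning", 2: "fatal"}.get(raw[5], "unknown"),
            "code": raw[6], "name": ALERT_NAMES.get(raw[6], "unassigned")}

def summarize(log_text):
    """Group smtpd TLS handshake failures by peer, keeping the OpenSSL reason and the decoded alert."""
    sessions = defaultdict(dict)                      # smtpd pid -> facts gathered about that session
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        pid, msg = m.groups()
        if (p := PEER_RE.search(msg)):
            sessions[pid]["peer"] = p.group(1)
        elif (r := REASON_RE.search(msg)):
            sessions[pid]["reason"] = r.group(1)
        elif (h := HEX_RE.match(msg)) and (alert := decode_tls_alert(h.group(1))):
            sessions[pid]["alert"] = f'{alert["level"]} {alert["name"]} ({alert["code"]})'
    report = defaultdict(lambda: {"failures": 0, "reasons": set(), "alerts": set()})
    for s in sessions.values():
        if "peer" not in s:                           # no SSL_accept error logged: not a failure
            continue
        entry = report[s["peer"]]
        entry["failures"] += 1
        entry["reasons"].add(s.get("reason", "unknown"))
        if "alert" in s:
            entry["alerts"].add(s["alert"])
    return dict(report)

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Feed it the real maillog (e.g. `summarize(open("/var/log/maillog").read())`) to see which sending hosts are refused and with which reason, which is the quickest way to tell a server-wide cipher-list problem from one picky sender.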
 
I'm currently running postfix-3.7.3,1 from a custom repo and was planning to update it this weekend. Which version of postfix are you using?

My current working config is all "DEFAULTS"; I have only this option in main.cf in the TLS section.

main.cf
"smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3"
This should also be removed for postfix >3.6, leaving it at its default of "smtpd_tls_mandatory_protocols = >=TLSv1.2, <=0305", but I still have clients on old Windows computers which don't have TLS1.2. That's why I'm still accepting TLS 1.1.

master.cf
Because of the MS Outlook TLS bug I have the following settings in master.cf, and I don't use smtpd_tls_session_cache_database.
For submission and smtps I have:
..
tls_ssl_options=NO_TICKET
..

So in my config postfix defaults to the following:
lmtp_tls_protocols = >=TLSv1
smtp_tls_protocols = >=TLSv1
smtpd_tls_protocols = >=TLSv1
tlsproxy_tls_protocols = $smtpd_tls_protocols
lmtp_tls_ciphers = medium
lmtp_tls_mandatory_ciphers = medium
smtp_tls_ciphers = medium
smtp_tls_mandatory_ciphers = medium
smtpd_tls_ciphers = medium
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH
 
Thanks everyone. TLSv1.3 can now be seen as the ONLY cipher in openssl test. At least, emails are now being received. I made a few other changes here and there though.

Upgrades break services sometimes; a few days ago, users of our XMPP service could not share images/files for some time. An upgrade broke it; likewise, updating the service and a few other pkgs fixed it.
 
# Preferred syntax with Postfix ≥ 3.6:
smtpd_tls_protocols = >=TLSv1, <=TLSv1.3
I replaced the legacy syntax in smtp_tls_protocols and smtpd_tls_protocols with the above.

I replaced CAfile with /usr/local/openssl/cert.pem in postfix 'main.cf' after re-installing ca_root_nss. Should you be using Snappymail too, you may want to do the same with its CAfile in admin-config. Apparently, Snappymail had a problem reading the letsencrypt Cert. Authority file. Changing it resolved the problem. Snappymail had been fussy long before this time though. An upgrade stopped it from working (problem: cannot enable starttls error) and we needed to use other mail client(s). I have now got all webclients working again. Snappymail luckily provides three or more SMTP/IMAP connection options (StartTLS, SSL/TLS, PHPMail(beta), none). A few combinations worked. The none option was working with the MTA but the MDA won't work since most servers would send emails with TLS1.*. Of course, None is not ideal; should one have both the email agent (postfix, etc.) and Snappymail on the same machine, it would work. Again, I would not recommend it, though sending works with it. Recipients would likely classify the message as SPAM.
 
I don't think that this was the issue. Your error was before the TLS handshake. Even if you had an invalid CA you would still be able to get CONNECTED(00000003), and you would get an invalid or expired certificate. Your error was most likely caused by an invalid cipher list that you are providing.
If you want to test it, comment out the following in your main.cf and let postfix use its default settings, which you can check via postconf -d compared with yours in postconf -n:
#smtpd_tls_protocols
#smtpd_tls_mandatory_protocols
#smtpd_tls_mandatory_ciphers
#smtpd_tls_exclude_ciphers
#tls_high_cipherlist
 
You error most likely was caused by invalid cipher list that you are providing
No cipher list, let alone an invalid one, if you carefully check my first post. Including TLSv1.3 produced the SSL info for the domain and the same TLSv1.3 in the cipher when the openssl -connect command was run.

And in my last post, I mentioned that this problem is a cumulative one emanating from an upgrade among other things.

By the way, I have not had much luck with postfix-devel. It used to work, but I changed from it to postfix to resolve another problem relating to virtual-alias in the log. Another was proxymap, despite being available in master.cf.

This is all the information. I hope it helps someone.
 
because of the MS Outlook TLS bug i have the following settings in master.cf and i don't use smtpd_tls_session_cache_database
for submission and smtps i have:
..
tls_ssl_options=NO_TICKET
Thanks VladiBG for this pointer. We can send email to MS accounts, including businesses using the MS email services. We however cannot receive emails specifically from MS. Emails from other servers and domains are delivered.

Here is the error:
Code:
..
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: 00a2 - <SPACES/NULLS>
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: SSL_accept:before SSL initialization
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: write to 80261E100 [802682000] (7 bytes => 7 (0x7))
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: 0000 15 03 03 00 02 02 28                             ......(
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: SSL3 alert write:fatal:handshake failure
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: SSL_accept:error in error
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: SSL_accept error from mail-tyzapc01on2103.outbound.protection.outlook.com[40.107.117.103]: -1
Feb  6 14:54:17 <mail.warn> mail postfix/smtp/smtpd[19028]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:2285:
Feb  6 14:54:17 <mail.notice> mail milter-manager[63649]: [statistics] [session][end][helo][abort][0.3674](7017)
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: lost connection after STARTTLS from mail-tyzapc01on2103.outbound.protection.outlook.com[40.107.117.103]
Feb  6 14:54:17 <mail.info> mail postfix/smtp/smtpd[19028]: disconnect from mail-tyzapc01on2103.outbound.protection.outlook.com[40.107.117.103] ehlo=1 starttls=0/1 commands=1/2

I have tried all combinations for tls_medium_cipherlist (I used yours), *_mandatory_ciphers, etc. (for instance, from high to medium for smtpd while smtp remains medium).
Any further suggestions would be appreciated.
 
Did you try my proposal to comment out all your settings and use the postfix defaults for TLS protocols and ciphers?

What is the output of openssl version and openssl ciphers -s -v -tls1_3 on your server?

Edit:
I've checked some of the e-mails that I receive from protection.outlook.com on my server and they're using (TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)).
I'm on OpenSSL 1.1.1o-freebsd 3 May 2022 with FreeBSD 13.1.
 
Did you try my proposal to comment out all your settings and use the postfix defaults for tls protocols and ciphers?
Yes, I did.

What is the output of openssl version and openssl ciphers -s -v -tls1_3 on your server?
Code:
[6/02 7:07] portdowngrade # openssl version             
OpenSSL 1.1.1o-freebsd  3 May 2022
[6/02 7:07] portdowngrade # openssl ciphers -s -v -tls1_3
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any      Au=any  Enc=CHACHA20/POLY1305(256) Mac=AEAD
TLS_AES_128_GCM_SHA256  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(128) Mac=AEAD
[6/02 7:07] portdowngrade # pkg info -aq | grep openssl
openssl-1.1.1s,1
py39-openssl-20.0.1,1
Notice the different versions when pkg info was used? I have DEFAULT_VERSIONS+=ssl=openssl in make.conf and have upgraded the jail & pkg several times. I cannot get my head around the updated portdowngrade with the introduction of git over svn. Perhaps you can show me how to dig out the revision number for OpenSSL 1.1.1q (since 1.1.1o has vulnerabilities).

Code:
Choose a revision from this list and run /usr/local/sbin/portdowngrade security/openssl revision
------------------------------------------------------------------------
r569247 | brnrd | 2021-03-26 08:13:03 +0000 (Fri, 26 Mar 2021) | 7 lines

same here on 12.4 / openssl 1.1.1q
13.1/openssl-1.1.1s,1. How else can I bump up openssl-1.1.1o after portmaster/make install/pkg install?
 
You can test your TLS here: https://www.checktls.com/TestReceiver
for SSL version enter: TLSv1_3
In "More options" under TLS1.3 Cipher Suite: enter TLS_AES_256_GCM_SHA384
In the test result you should see:
Connection converted to SSL
SSLVersion in use: TLSv1_3
Cipher in use: TLS_AES_256_GCM_SHA384
Perfect Forward Secrecy: yes
Session Algorithm in use: Curve X25519 DHE(253 bits)

Then repeat the same test but for SSL version enter: TLSv1_2
for SSL Cipher List: enter ECDHE-RSA-AES256-GCM-SHA384
The result should be
Connection converted to SSL
SSLVersion in use: TLSv1_2
Cipher in use: ECDHE-RSA-AES256-GCM-SHA384
Perfect Forward Secrecy: yes
Session Algorithm in use: Curve X25519 DHE(253 bits)

If you get an error for "no cipher match" then you can try to use the openssl from the base and rebuild all ports that you are using.
Also double check that the output of postconf | grep smtpd_tls_protocols is smtpd_tls_protocols = >=TLSv1

Comparing the changes from openssl version 1.1.1o to 1.1.1s I don't see anything major that would force you to use the openssl from the ports instead of the default openssl in FreeBSD 13.1.
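As an added example (not from this thread or from Postfix), a small Python driver that runs the same two checks as the checktls.com procedure above locally with openssl s_client (-tls1_3 with -ciphersuites, -tls1_2 with -cipher) and tells a server-side refusal (alert 40, logged as "no shared cipher" on the server) apart from a local cipher-list problem ("no cipher match"). The host, port, SNI name and openssl path are parameters you supply; the embedded sample outputs are constructed from the s_client output quoted in the first post.

```python
import re
import subprocess

# Constructed samples of openssl s_client output (the failing one mirrors the thread's first post).
FAIL_SAMPLE = """CONNECTED(00000004)
34389172224:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:/usr/src/crypto/openssl/ssl/record/rec_layer_s3.c:1603:SSL alert number 40
---
New, (NONE), Cipher is (NONE)
"""
OK_SAMPLE = "CONNECTED(00000003)\n---\nNew, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384\n"
NOMATCH_SAMPLE = "error:1426E0B9:SSL routines:ciphersuite_cb:no cipher match\n"

CIPHER_RE = re.compile(r"^New, (\S+), Cipher is (\S+)", re.M)

def parse_s_client(output):
    """Return (protocol, cipher) on success, else ("FAILED", reason)."""
    m = CIPHER_RE.search(output)
    if m and m.group(2) != "(NONE)":
        return m.group(1), m.group(2)
    alert = re.search(r"SSL alert number (\d+)", output)
    if alert:                       # the server rejected our ClientHello (40 = handshake_failure)
        return "FAILED", f"server sent alert {alert.group(1)}"
    err = re.search(r"SSL routines:[^:]+:([^:\n]+)", output)
    if err:                         # local OpenSSL error, e.g. our own cipher list was not usable
        return "FAILED", err.group(1)
    return "FAILED", "no TLS session"

# The same two checks the checktls.com procedure above performs.
CHECKS = [
    ("TLSv1.3 / TLS_AES_256_GCM_SHA384", ["-tls1_3", "-ciphersuites", "TLS_AES_256_GCM_SHA384"]),
    ("TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384", ["-tls1_2", "-cipher", "ECDHE-RSA-AES256-GCM-SHA384"]),
]

def probe(host, port=587, servername=None, openssl="openssl"):
    """Run each check against host:port via STARTTLS; openssl may point at /usr/local/bin/openssl."""
    results = {}
    for label, extra in CHECKS:
        cmd = [openssl, "s_client", "-starttls", "smtp", "-crlf", "-connect", f"{host}:{port}"] + extra
        if servername:              # needed when the MTA selects its certificate by SNI
            cmd += ["-servername", servername]
        proc = subprocess.run(cmd, input=b"QUIT\r\n", capture_output=True, timeout=30)
        out = (proc.stdout + proc.stderr).decode(errors="replace")
        results[label] = parse_s_client(out)
    return results

if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else None
    print(probe(host) if host else parse_s_client(FAIL_SAMPLE))
```

Running it with the base and the ports openssl binaries in turn shows whether a "no cipher match" comes from the client-side OpenSSL build rather than from the server.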
 
Notice the different versions when pkg info was used? I have DEFAULT_VERSIONS+=ssl=openssl in make.conf and have upgraded the jail & pkg several times. I cannot get my head around the updated portdowngrade with the introduction of git over svn. Perhaps you can show me how to dig out the revision number for OpenSSL 1.1.1q (since 1.1.1o has vulnerabilities).
If you use that line in make.conf you will have a second copy of openssl, in /usr/local/bin.

So the base version is /usr/bin/openssl, the port version is /usr/local/bin/openssl.
Code:
user@server:/tmp % openssl version
OpenSSL 1.1.1o-freebsd  3 May 2022
user@server:/tmp % which openssl
/usr/bin/openssl
user@server:/tmp % /usr/local/bin/openssl version
OpenSSL 1.1.1s  1 Nov 2022
Can't help with the rest of your post, but hopefully this helps answer part of the puzzle!
 
for SSL version enter: TLSv1_3
In "More options" under TLS1.3 Cipher Suite: enter TLS_AES_256_GCM_SHA384
In the test result you should see:


[002.463]
We can use this server
[002.463]TLS is an option on this server
[002.463]‑‑>STARTTLS
[002.719]<‑‑220 2.0.0 Ready to start TLS
[002.719]STARTTLS command works on this server
[003.287]Connection converted to SSL
SSLVersion in use: TLSv1_3
Cipher in use: TLS_AES_256_GCM_SHA384
Perfect Forward Secrecy: yes
Session Algorithm in use: Curve X25519 DHE(253 bits)


[001.070]‑‑>STARTTLS
[001.329]<‑‑220 2.0.0 Ready to start TLS
[001.329]STARTTLS command works on this server
[001.339]Cannot convert to SSL (reason: Failed to set SSL cipher list error:1426E0B9:SSL routines:ciphersuite_cb:no cipher match)
[001.339]Note: This same test with Format set to "Debug" may show more
[001.339]‑‑>MAIL FROM:<test@checktls.com>
[001.598]<‑‑
[001.598]Cannot proof email address (reason: MAIL FROM rejected)
[001.598]Note: This does not affect the CheckTLS Confidence Factor
[001.598]‑‑>QUIT
[001.598]<‑‑
 
Can't help with the rest of your post, but hopefully this helps answer part of the puzzle!
Thanks for this input. I was sure the two were there because of me specifying that OpenSSL from ports should be used, while the base OpenSSL already exists. Other machines have both in the same version though.
 