Closed
Description
No mails are received from a sender (in the log below from 111.111.111.111) for the domain mail.example.org.
Sending mails to the sender works without issues. Receiving from other senders (i.e. Google, MS) works fine.
The mox server is running under example.com and handling example.org mails.
The log file seems to indicate an issue with its own certificate 'example.org'. This certificate doesn't exist (and should IMHO not exist), but valid certificates exist for mail.example.org, mta-sts.example.org and autoconfig.example.org.
l=debug m="http request" pkg=http httpaccess= handler=mtasts method=get url=/.well-known/mta-sts.txt host=mta-sts.example.org duration="98.203µs" statuscode=200 proto=http/2.0 remoteaddr=111.111.111.111:50527 tlsinfo=tls1.3 useragent=SecurityGateway/1.0 referrr= size=63 cid=1914f99d691
l=info m="new connection" pkg=smtpserver remote=111.111.111.111:50528 local=49.13.208.167:25 submission=false tls=false listener=public cid=1914f99d692 delta="65.693µs"
l=debug m="smtp command result" pkg=smtpserver kind=smtp cmd=ehlo code=250 ecode= duration="37.65µs" cid=1914f99d692 delta=26.900377ms
l=debug m="smtp command result" pkg=smtpserver kind=smtp cmd=starttls code=220 ecode=2.0.0 duration="19.467µs" cid=1914f99d692 delta=27.973618ms
l=debug m="starting tls server handshake" pkg=smtpserver cid=1914f99d692 delta="120.085µs"
l=info m="getting cert from dir cache" err="acme/autocert: certificate cache miss" pkg=autotls name=example.org
l=debug m="dircache get result" err="acme/autocert: certificate cache miss" pkg=autotls name=example.org
l=debug m="autotls hostpolicy result" err="autotls: host not in allowlist: \"example.org\"" pkg=autotls host=example.org
l=debug m="requesting certificate" err="autotls: host not in allowlist: \"example.org\"" pkg=autotls host=example.org cid=1914f99d692
l=info m="connection closed" err="starttls handshake: tls: no certificates configured (io error)" pkg=smtpserver cid=1914f99d692 delta=28.733029ms
A check with https://internet.nl/mail/ of the sender shows a possible lack of STARTTLS support.
Some of my questions are:
- How to read the log file entries correctly?
- Can an "exception" be configured for a sender without STARTTLS support?
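
One way to read a log like the one above, as an added example (not part of the original report and not mox code): parse each logfmt line, group the lines by `cid`, and summarize every connection that closed during the STARTTLS handshake together with the certificate name autotls was asked for. The sample lines are copied from the log above; the function names are illustrative.

```python
import re
from collections import defaultdict

# Sample input: five lines copied from the log in the report above.
SAMPLE = r'''
l=debug m="http request" pkg=http httpaccess= handler=mtasts method=get url=/.well-known/mta-sts.txt host=mta-sts.example.org duration="98.203µs" statuscode=200 proto=http/2.0 remoteaddr=111.111.111.111:50527 tlsinfo=tls1.3 useragent=SecurityGateway/1.0 referrr= size=63 cid=1914f99d691
l=info m="new connection" pkg=smtpserver remote=111.111.111.111:50528 local=49.13.208.167:25 submission=false tls=false listener=public cid=1914f99d692 delta="65.693µs"
l=debug m="smtp command result" pkg=smtpserver kind=smtp cmd=starttls code=220 ecode=2.0.0 duration="19.467µs" cid=1914f99d692 delta=27.973618ms
l=debug m="requesting certificate" err="autotls: host not in allowlist: \"example.org\"" pkg=autotls host=example.org cid=1914f99d692
l=info m="connection closed" err="starttls handshake: tls: no certificates configured (io error)" pkg=smtpserver cid=1914f99d692 delta=28.733029ms
'''

# key=value, where value is either a double-quoted string (with \" escapes) or a bare token
PAIR = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S*)')

def parse_line(line):
    """Split one logfmt line into a dict, unquoting quoted values."""
    fields = {}
    for key, val in PAIR.findall(line):
        if val.startswith('"'):
            val = re.sub(r'\\(.)', r'\1', val[1:-1])
        fields[key] = val
    return fields

def failed_handshakes(text):
    """Group lines by cid; return one summary per connection closed during STARTTLS."""
    by_cid = defaultdict(list)
    for line in text.splitlines():
        f = parse_line(line)
        if f.get("cid"):
            by_cid[f["cid"]].append(f)
    out = []
    for cid, events in by_cid.items():
        closed = [e for e in events if e.get("m") == "connection closed"
                  and "starttls handshake" in e.get("err", "")]
        if not closed:
            continue  # connection did not fail in the TLS handshake
        remote = next((e["remote"] for e in events if "remote" in e), None)
        names = sorted({e["host"] for e in events
                        if e.get("pkg") == "autotls" and "host" in e})
        out.append({"cid": cid, "remote": remote,
                    "cert_names": names, "error": closed[0]["err"]})
    return out

if __name__ == "__main__":
    for row in failed_handshakes(SAMPLE):
        print(row)
```

Lines without a `cid` field (such as the "getting cert from dir cache" entries in the log above) are skipped by the grouping, so only the autotls line that carries the connection's `cid` contributes a certificate name.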