環境 CentOS Linux release 7.4.1708 (Core) IP:192.168.11.18/24 Windows10 Pro 1803 IP:192.168.11.6/24 stunnel-4.56-6.el7.x86_64 sendmail-8.14.7-5.el7.x86_64 sendmail-cf-8.14.7-5.el7.noarch dovecot-2.2.10-8.el7.x86_64 0637login:Penguin2019/01/12(土) 18:28:21.89ID:GoUsnOAi Windows10からメールを送った時の/var/log/stunnel.logの結果 ************************************************* Service [smtps] accepted (FD=3) from 192.168.11.6:51942 Service [smtps] started Waiting for a libwrap process Acquired libwrap process #0 Releasing libwrap process #0 Released libwrap process #0 Service [smtps] permitted by libwrap from 192.168.11.6:51942 Service [smtps] accepted connection from 192.168.11.6:51942 SSL state (accept): before/accept initialization SNI: no virtual services defined SSL state (accept): SSLv3 read client hello A SSL state (accept): SSLv3 write server hello A SSL state (accept): SSLv3 write certificate A SSL state (accept): SSLv3 write key exchange A SSL state (accept): SSLv3 write server done A SSL state (accept): SSLv3 flush data SSL state (accept): SSLv3 read client certificate A SSL state (accept): SSLv3 read client key exchange A SSL state (accept): SSLv3 read certificate verify A SSL state (accept): SSLv3 read finished A SSL state (accept): SSLv3 write session ticket A SSL state (accept): SSLv3 write change cipher spec A SSL state (accept): SSLv3 write finished A SSL state (accept): SSLv3 flush data 0638login:Penguin2019/01/12(土) 18:29:14.52ID:GoUsnOAi ログが長くて分割になる、すまん。上の続き
0 items in the session cache 0 client connects (SSL_connect()) 0 client connects that finished 0 client renegotiations requested 17 server connects (SSL_accept()) 9 server connects that finished 0 server renegotiations requested 0 session cache hits 0 external session cache hits 0 session cache misses 0 session cache timeouts SSL accepted: new session negotiated Negotiated protocol version: TLSv1 Negotiated TLSv1/SSLv3 ciphersuite: ECDHE-RSA-AES256-SHA (256-bit encryption) Compression: null, expansion: null connect_blocking: connecting 127.0.0.1:25 connect_blocking: s_poll_wait 127.0.0.1:25: waiting 10 seconds connect_blocking: connected 127.0.0.1:25 Service [smtps] connected remote server from 127.0.0.1:52668 Remote socket (FD=14) initialized Service [smtps] accepted (FD=15) from 192.168.11.6:51943 SSL socket error: Connection reset by peer (104) 0639login:Penguin2019/01/12(土) 18:30:10.22ID:GoUsnOAi Connection reset: 16 byte(s) sent to SSL, 0 byte(s) sent to socket Remote socket (FD=14) closed Local socket (FD=3) closed Service [smtps] finished (0 left) Service [smtps] started Waiting for a libwrap process Acquired libwrap process #0 Releasing libwrap process #0 Released libwrap process #0 Service [smtps] permitted by libwrap from 192.168.11.6:51943 Service [smtps] accepted connection from 192.168.11.6:51943 SSL state (accept): before/accept initialization SSL alert (write): fatal: handshake failure SSL_accept: 1408A10B: error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket Local socket (FD=15) closed Service [smtps] finished (0 left) *************************************************
よければアドバイス頼むお。 0640login:Penguin2019/01/12(土) 19:40:34.14ID:AYI8TMI5 tlsv1とreset by peerが出てるのが気になるよ。 0641login:Penguin2019/01/12(土) 20:14:57.49ID:GoUsnOAi レスサンクス SSL socket error: Connection reset by peer (104) ってのは SSLの接続が強制的に切られているって意味だっけ。その理由がわからん・・・ tlsv1は何か気になる感じかな?