[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor TLS error

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor TLS error
From: Marsh Ray <marsh@xxxxxxxxxxxxxxxxxx>
Date: Fri, 27 May 2011 11:39:05 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 27 May 2011 12:39:21 -0400
In-reply-to: <20110527160606.GH14229@xxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20110527153555.GE14229@xxxxxxxx> <85ipswf888.fsf@xxxxxxxx> <20110527160606.GH14229@xxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.17) Gecko/20110424 Thunderbird/3.1.10

Which version (number, distribution) of OpenSSL are you using? The line
number s23_clnt.c:607 might tell us something.

Could you get a packet capture (Wireshark, tshark, tcpdump, etc.)?

It's probably only a few KB of the packets which are relevant to the
failed connection attempt.

On 05/27/2011 11:06 AM, alex wrote:

On 05-27 17:56, intrigeri wrote:

Not really, but enabling starttls mode makes it work: $
/usr/bin/torify openssl s_client -starttls smtp -connect
83.223.73.105:465


True, but I actually want to *not* do that.


My guess is that the problem relates to the SMTP server not accepting
raw TLS on port 465. Is the perhaps an MS Exchange server?

From http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol :

Server administrators choose whether clients use TCP port 25 (SMTP)
or port 587 (Submission), as formalized in RFC 4409, for relaying
outbound mail to a mail server. The specifications and many servers
support both. Although some servers support port 465 for legacy
secure SMTP in violation of the specifications, it is preferable to
use standard ports and standard ESMTP commands[14] according to RFC
3207 if a secure session needs to be used between the client and the
server. Some servers are set up to reject all relaying on port 25,
but valid users authenticating on port 587 are allowed to relay mail
to any valid address.


Can you use port 587?

- Marsh
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Tor TLS error
  - From: alex

References:
- [tor-talk] Tor TLS error
  - From: alex
- Re: [tor-talk] Tor TLS error
  - From: intrigeri
- Re: [tor-talk] Tor TLS error
  - From: alex

Prev by Author: Re: [tor-talk] Securing a Relay - chroot
Next by Author: Re: [tor-talk] Securing a Relay - chroot
Previous by thread: Re: [tor-talk] Tor TLS error
Next by thread: Re: [tor-talk] Tor TLS error
Index(es):
- Author
- Thread