I've setup ispconfig3 on my debian six server, and here is a little smtp over ssl:
The server is postfix
AUTH PLAIN (LOL!)
235 2.7.0 Authentication successful
MAIL FROM: [email protected]
250 2.1.0 Ok
RCPT TO: [email protected]
RENEGOTIATING
depth=0 /C=AU/ST=NSW/L=Sydney/O=Self-Signed Key! Procees with caution!/OU=Web Hosting/[email protected]
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=AU/ST=NSW/L=Sydney/O=Self-Signed Key! Procees with caution!/OU=Web Hosting/[email protected]
verify return:1
DATA
554 5.5.1 Error: no valid recipients
but, the thing is, if I just do a vanilla telnet over port 25 I can authenticate and send mail like a madman... hopefully this is enough information! (as opposed to 'mail.app can't handle ssl!')
Pressing "R" in an s_client session causes openssl to renegotiate. Try entering "rcpt to:" instead of "RCPT TO".
You might also try tools that are more suited to SMTP-specific testing, such as Tony Finch's smtpc or swaks.
It's a design flaw in openssl. As @jj33 alludes, the R at the beginning of a line causes openssl to renegotiate.
Start openssl s_client with the
-quietoption. I use:Granted, you will not see as much debugging output for the certificate. If it fails to verify the cert, you may need to add that option.
Hat tips:
https://serverfault.com/a/336657/238998
I didn't mean to steal your answer, but I thought it better if there is an actual answer which fully explains the work-around, rather than for people to fish in comments.