Re: when should we esmtps our mxes?

To: debian-devel@lists.debian.org
Subject: Re: when should we esmtps our mxes?
From: Ivan Shmakov <ivan@siamics.net>
Date: Mon, 24 Oct 2016 13:00:35 +0000
Message-id: <[🔎] 87d1ip52bw.fsf@violet.siamics.net>
In-reply-to: <[🔎] 20161024123312.bujfrskmzrg3bqat@belkar.wrar.name> (Andrey Rahmatullin's message of "Mon, 24 Oct 2016 17:33:12 +0500")
References: <[🔎] CAPgP4gxcptXTNcEFb5Jf+SkAYPWSuXwRVAoiqmABG_+gDCdGYw@mail.gmail.com> <[🔎] 20161024085921.rirykzuqhzopvhyo@bunk.spdns.de> <[🔎] CAPgP4gwDQEiFdzd4VHEoLSvX7vOOTGmAjQ5QF-=5FCxhW1sAJw@mail.gmail.com> <[🔎] 87h9823r8i.fsf_-_@violet.siamics.net> <[🔎] 20161024123312.bujfrskmzrg3bqat@belkar.wrar.name>

>>>>> Andrey Rahmatullin <wrar@debian.org> writes:
>>>>> On Mon, Oct 24, 2016 at 11:45:33AM +0000, Ivan Shmakov wrote:

 >> $ gnutls-cli --starttls -p 25 bendel.debian.org 

[…]

 >> Connecting to '82.195.75.100:443'...

 > I cannot reproduce gnutls-cli connecting to :443 when asked :25.

	Indeed, my mistake; I somehow managed to MIME the wrong
	transcript.  Here’s the correct one.

[…]

-- 
FSF associate member #7257  58F8 0F47 53F5 2EB2 F6A5  8916 3013 B6A0 230E 334A

Processed 173 CA certificate(s).
Resolving 'bendel.debian.org'...
Connecting to '2001:41b8:202:deb:216:36ff:fe40:4002:25'...

- Simple Client Mode:

220 bendel.debian.org ESMTP Postfix
EHLO test 
250-bendel.debian.org
250-PIPELINING
250-SIZE 30720000
250-STARTTLS
250-ENHANCEDSTATUSCODES
250 8BITMIME
STARTTLS
220 2.0.0 Ready to start TLS
*** Starting TLS handshake
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
 - subject `C=NA,ST=NA,L=Ankh Morpork,O=Debian SMTP,OU=Debian SMTP CA,CN=bendel.debian.org,EMAIL=hostmaster@bendel.debian.org', issuer `C=NA,ST=NA,L=Ankh Morpork,O=Debian SMTP,OU=Debian SMTP CA,CN=Debian SMTP CA,EMAIL=hostmaster@puppet.debian.org', RSA key 2048 bits, signed using RSA-SHA1, activated `2016-02-09 00:00:13 UTC', expires `2017-02-08 00:00:13 UTC', SHA-1 fingerprint `d99dffbab982a0bbca0f95cf88401f75d75a0194'
	Public Key ID:
		a6fa6354cd66e04bba4f3c3e5f45bf82afe17b61
	Public key's random art:
		+--[ RSA 2048]----+
		|                 |
		|        .        |
		|       . +    .  |
		|        + =  . . |
		|       +S+    . .|
		|      o+.   .E  .|
		|     ...+  oo... |
		|     .+o....o..  |
		|    .o.ooo.++.   |
		+-----------------+

- Certificate[1] info:
 - subject `C=NA,ST=NA,L=Ankh Morpork,O=Debian SMTP,OU=Debian SMTP CA,CN=Debian SMTP CA,EMAIL=hostmaster@puppet.debian.org', issuer `C=NA,ST=NA,L=Ankh Morpork,O=Debian SMTP,OU=Debian SMTP CA,CN=Debian SMTP CA,EMAIL=hostmaster@puppet.debian.org', RSA key 2048 bits, signed using RSA-SHA1, activated `2009-04-04 22:40:56 UTC', expires `2019-04-02 22:40:56 UTC', SHA-1 fingerprint `2bd080f1a4c79bae4d8ce3728fd2483b49ce4ca5'
- Status: The certificate is NOT trusted. The certificate issuer is unknown. 
*** PKI verification of server certificate failed...
*** Fatal error: Error in the certificate.
*** Handshake has failed

Reply to:

Follow-Ups:
- Re: when should we esmtps our mxes?
  - From: Ben Hutchings <ben@decadent.org.uk>

References:
- Re: When should we https our mirrors?
  - From: Kristian Erik Hermansen <kristian.hermansen@gmail.com>
- Re: When should we https our mirrors?
  - From: Adrian Bunk <bunk@stusta.de>
- Re: When should we https our mirrors?
  - From: Kristian Erik Hermansen <kristian.hermansen@gmail.com>
- when should we esmtps our mxes?
  - From: Ivan Shmakov <ivan@siamics.net>
- Re: when should we esmtps our mxes?
  - From: Andrey Rahmatullin <wrar@debian.org>

Prev by Date: Bug#841920: ITP: gnome-shell-extension-hide-activities -- gnome shell extension that hides the activities button
Next by Date: Re: when should we esmtps our mxes?
Previous by thread: Re: when should we esmtps our mxes?
Next by thread: Re: when should we esmtps our mxes?
Index(es):
- Date
- Thread