TLS and SMTP auth problem
Hello,
I'm running the following mailserver setup:
I'm running a Debian woody server at home with postfix, which relays all
mail over to my external Debian sarge root server, running qmail. Now I
want to use smtp auth and tls.
This is how my qmail server answers to telnet localhost 25
EHLO
250-rom.iunius.org
250-STARTTLS
250-AUTH LOGIN CRAM-MD5 PLAIN
250-AUTH=LOGIN CRAM-MD5 PLAIN
250-PIPELINING
250 8BITMIME
But this is how the postfix server at home opens the tls connection to
my qmail server.
Apr 30 16:30:07 santa postfix/smtp[17645]: TLS connection established to
iunius.org: TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
The result is that I can not relay, because i'm not authenticated:
553 sorry, that domain isn't in my list of allowed rcpthosts; no valid
cert for gatewaying (#5.7.1))
Incoming TLS connections to my postfix server are working, as you can see:
Apr 30 16:46:33 santa postfix/smtpd[18101]: TLS connection established
from barney.springfield.home[10.10.42.18]: TLSv1 with cipher RC4-MD5
(128/128 bits)
And this is how the postfix server answers to telnet localhost 25:
250-santa.springfield.home
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5
250-AUTH=GSSAPI DIGEST-MD5 CRAM-MD5
250-XVERP
250 8BITMIME
So, as far as I understand the problem, my postfix is using the wrong
cipher, when connecting to my external mail relay. Is this right, so far?
If yes, how do I change this for example to MD5 as above?
Or is this an other kind of problem?
Hope someone can help me.
King Regards,
Andreas
Reply to: