Menu
▾
▴
Re: [Hermesmail-discuss] Send 10054 errors
|
From: Ronald v. G. <ro...@t-...> - 2021-02-18 09:25:19
|
Hi Michael.
You can trace the source code to find references to it and try to
understand how they work.
By example, this are some code snipets with some of those parameters:
m_pSSLReference->m_CertificateInfo.m_bIgnoreExpired =
pSettings->m_nSSLReceiveIgnoreExpiredCerts;
m_pSSLReference->m_ProtocolInfo.m_AllowSSL_2_0 =
pSettings->m_nSSLReceiveAllowVersion2;
m_pSSLReference->m_SSLLogSession = pSettings->m_SSLReceiveLogSession;
m_pSSLReference->m_ProtocolInfo.m_AllowRegExp =
pSettings->m_SSLReceiveAllowRegExp;
m_pSSLReference->m_ProtocolInfo.m_CipherSuite =
pSettings->m_SSLReceiveCipherSuite;
m_pSSLReference->m_ProtocolInfo.m_MinEncryption =
pSettings->m_SSLReceiveMinEncryption;
m_pSSLReference->m_ProtocolInfo.m_MinKeyExchangeLength =
pSettings->m_SSLReceiveMinKeyExchangeLength;
m_pSSLReference->m_CertificateInfo.m_csPrivateKey =
pSettings->m_SSLReceivePrivateKey;
m_pSSLReference->m_CertificateInfo.m_csPassPhrase=
pSettings->m_SSLReceivePrivateKeyPassword;
And here they manage one of the (MinEncryption):
[...]
IDS_ERR_MINENCRYPTIONNONO "You have configured this
personality/protocol to reject encryption levels below %ld.,\r\n But
the negotiated encryption level is %ld\r\n Hence this established
secure channel is unacceptable. Connection will be dropped."
[...]
// No easy way to determine this under SSL Plus 4.X.
if (pConnectionInfo->m_CipherKeyBits <
pSSLReference->m_ProtocolInfo.m_MinEncryption)
{
CString csError;
csError.Format(CResString(IDS_ERR_MINENCRYPTIONNONO),
pSSLReference->m_ProtocolInfo.m_MinEncryption,
pConnectionInfo->m_CipherKeyBits);
pConnectionInfo->m_Outcome.AddErrors(csError);
pConnectionInfo->m_Outcome.m_Outcome =
SSLOutcome::SSLREJECTED;
}
[...]
Of course, get some kind of documentation should be a lot easier ;-)
Regards!
______________________________________________________________________________________________________________________________________
I have been getting 10054 errors while sending email. No issues
receiving mail, just sending. Sometime merely retrying the send
works for smaller message, but if there are embedded images or
attachments that doesn't work. My email provider provided the
following from one of the failures
Dec 17 20:28:24 pb-smtp21 postfix-sasl-smtpd[80996]: [ID 947731
mail.warning] warning: TLS library problem: error:1408F119:SSL
routines:SSL3_GET_RECORD:decryption failed or bad record
mac:s3_pkt.c:535: 2:49
Dec 17 20:28:24 pb-smtp21 postfix-sasl-smtpd[80996]: [ID 197553
mail.info] lost connection after DATA (5739 bytes) from unknown[x.x.x.x]
I have tried another email app (Pandors) and it does not have the
same issue. So, I am looking to tweak the SSLSend options in
Eudora.ini to see if I can resolve this issus with OpenSSL. However,
I have been able to find any detail explanations of the
following settings and the Eudora/Hermes pop-up for the option is
singularly un-enlightening.
< X-Eudora-Option:SSLSendAllowRegExp>
< X-Eudora-Option:SSLSendAllowVersion2>
< X-Eudora-Option:SSLSendCipherSuite>
< X-Eudora-Option:SSLSendClientCertsFile>
< X-Eudora-Option:SSLSendClientCertsInfo>
< X-Eudora-Option:SSLSendIgnoreExpCert>
< X-Eudora-Option:SSLSendLogSession>
< X-Eudora-Option:SSLSendMinEncryption>
< X-Eudora-Option:SSLSendMinKeyExchangeLength>
< x-Eudora-option:SSLSendPrivateKey>
< x-Eudora-option:SSLSendPrivateKeyPassword>
< X-Eudora-Option:SSLSendUse>
< X-Eudora-Option:SSLSendVersion>
< X-Eudora-Option:SSLSendVersion3>
Might someone be able to direct me to where I might find the details
on these option settings?
Thank you in advance.
_______________________________________________
Hermesmail-discuss mailing list
Her...@li...
https://lists.sourceforge.net/lists/listinfo/hermesmail-discuss
______________________________________________________________________________________________________________________________________ |
