Issues delivering mail from GMX to my postfix

Patrick Domack patrickdk at patrickdk.com
Thu May 19 16:37:15 CEST 2016


Looks like two different issues.

The certificate name on smtp3.strotmann.de doesn't match, it is  
mail.tidelock.de instead.

When using smtp2.strotmann.de, the TLS/DANE part works fine, but after  
this, and you attempt to send an email, it fails.
posttls-finger: Verified TLS connection established to  
smtp2.strotmann.de[5.45.109.212]:25: TLSv1.2 with cipher  
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
posttls-finger: > EHLO mx3.grsi.com
posttls-finger: < 500 5.5.1 Command unrecognized
posttls-finger: EHLO rejected: 500 5.5.1 Command unrecognized
posttls-finger: > QUIT

I am not sure what is talking here, but it's not postfix and it's not  
allowing the ehlo to be processed.


Quoting "Carsten Strotmann (sys4)" <cs at sys4.de>:

> Hi,
>
> I've got a report from a user that tries to send an mail from GMX to my
> private mail account.
>
> The mail-account is secured by DANE/TLSA and running on Postfix.
> "dane.sys4.de" does not report any issues, but GMX refuses to deliver
> mail with this message:
>
> ----------------------------schnipp----------------------------
> This message was created automatically by mail delivery software.
>
> A message that you sent could not be delivered to one or more of
> its recipients. This is a permanent error. The following address(es)
> failed:
>
> cas at strotmann.de:
> remote MX does not support STARTTLS
> ----------------------------schnipp----------------------------
>
> Has anyone seen a similar issue? Any ideas how to troubleshoot?
>
> Best regards
>
> Carsten





More information about the dane-users mailing list