Ubuntu

Postfix - TLS handshake failure

Asked by Jorge Mota on 2015-06-17

Hi,

I have a Ubuntu server 14.04.
After OpenSSL update, I can't send mail to my Mail Relay (DNSExit) due to a TLS handshake failure.

My mail.log:

Jun 17 21:58:29 webserver postfix/smtp[4255]: SSL_connect error to relay.dnsexit.com[64.182.102.185]:25: -1
Jun 17 21:58:29 webserver postfix/smtp[4255]: warning: TLS library problem: error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small:s3_clnt.c:3339:
Jun 17 21:58:29 webserver postfix/smtp[4255]: 9015A402985: Cannot start TLS: handshake failure

Any help please?

Thanks in Advance.

Jorge Mota

Question information

Language:: English Edit question

Status:: Answered

For:: Ubuntu Edit question

Assignee:: No assignee Edit question

Last query:: 2015-06-17

Last reply:: 2015-06-18

Link existing bug

Revision history for this message

Rusty Shackleford (shackleford071250) said on 2015-06-18:

This is most likely due to changes to OpenSSL to prevent the logjam exploit.
Suggested configuration for Postfix can be found on this page:
https://weakdh.org/sysadmin.html

Revision history for this message

Jorge Mota (jomimota) said on 2015-06-18:

Ok, thank you.

I already implemented the weakdh.org suggested configuration.
I think it is a problem in the provider server.

Can you help with this problem?

Provide an answer of your own, or ask Jorge Mota for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

Ubuntu

Postfix - TLS handshake failure

Question information

Related bugs

Related FAQ:

Can you help with this problem?

Subscribers