Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- CLIENT SIDE:
- [amalogulko@work ~]$ openssl s_client -connect srv0.tg.local:465
- CONNECTED(00000003)
- depth=1 C = RU, ST = Moscow, L = Default City, O = TG, CN = srv1-mgmt-ispd-222-msk.tg.local, emailAddress = support@telecomguard.ru
- verify return:1
- depth=0 C = RU, ST = Moscow, O = TG, CN = srv0, emailAddress = support@telecomguard.ru
- verify return:1
- ---
- Certificate chain
- 0 s:/C=RU/ST=Moscow/O=TG/CN=srv0/emailAddress=support@telecomguard.ru
- i:/C=RU/ST=Moscow/L=Default City/O=TG/CN=srv1-mgmt-ispd-222-msk.tg.local/emailAddress=support@telecomguard.ru
- 1 s:/C=RU/ST=Moscow/L=Default City/O=TG/CN=srv1-mgmt-ispd-222-msk.tg.local/emailAddress=support@telecomguard.ru
- i:/C=RU/ST=Moscow/L=Default City/O=TG/CN=srv1-mgmt-ispd-222-msk.tg.local/emailAddress=support@telecomguard.ru
- ---
- Server certificate
- -----BEGIN CERTIFICATE-----
- -----END CERTIFICATE-----
- subject=/C=RU/ST=Moscow/O=TG/CN=srv0/emailAddress=support@telecomguard.ru
- issuer=/C=RU/ST=Moscow/L=Default City/O=TG/CN=srv1-mgmt-ispd-222-msk.tg.local/emailAddress=support@telecomguard.ru
- ---
- Acceptable client certificate CA names
- /C=RU/ST=Moscow/L=Default City/O=TG/CN=srv1-mgmt-ispd-222-msk.tg.local/emailAddress=support@telecomguard.ru
- ---
- SSL handshake has read 3612 bytes and written 323 bytes
- ---
- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
- Server public key is 4096 bit
- Secure Renegotiation IS supported
- Compression: zlib compression
- Expansion: zlib compression
- SSL-Session:
- Protocol : TLSv1
- Cipher : DHE-RSA-AES256-SHA
- Session-ID: B2B0E993F0F2B22A9BC5994D05099E68A47962A2FFC78045DBF960DF1F1F6B12
- Session-ID-ctx:
- Master-Key: 01155F0F80AB61AE6CDD46661266E4DC3CCB35B1D139DDC9D23DF4FF8AC6D933919A0B6F42D5DF661A56F98130E2ED3E
- Key-Arg : None
- Krb5 Principal: None
- PSK identity: None
- PSK identity hint: None
- TLS session ticket:
- 0000 - f1 2a 51 60 df 4a 02 8f-02 0a 44 5f bb 18 13 9e .*Q`.J....D_....
- Compression: 1 (zlib compression)
- Start Time: 1441205408
- Timeout : 300 (sec)
- Verify return code: 0 (ok)
- ---
- 220 srv0.tg.local ESMTP Postfix
- hello localhost
- mail from: zabbix@mynet.ru.
- rcpt to: amalogulko@mymail.ru.
- data
- JUNK DATA
- .
- 250 2.1.0 Ok
- 250 2.1.5 Ok
- 354 End data with <CR><LF>.<CR><LF>
- 250 2.0.0 Ok: queued as D5AD67A00F3
- SERVER SIDE:
- [root@srv0 ~]# postconf -n
- alias_database = hash:/etc/aliases
- alias_maps = hash:/etc/aliases
- command_directory = /usr/sbin
- config_directory = /etc/postfix
- daemon_directory = /usr/libexec/postfix
- data_directory = /var/lib/postfix
- debug_peer_level = 2
- html_directory = no
- inet_interfaces = all
- inet_protocols = all
- mail_owner = postfix
- mailq_path = /usr/bin/mailq.postfix
- manpage_directory = /usr/share/man
- mydestination = $myhostname, localhost.$mydomain, localhost
- mynetworks = 0.0.0.0/0
- newaliases_path = /usr/bin/newaliases.postfix
- queue_directory = /var/spool/postfix
- readme_directory = /usr/share/doc/postfix-2.8.12/README_FILES
- relay_domains = mymail.ru
- relayhost = [mailhost.mynet.ru]
- sample_directory = /usr/share/doc/postfix-2.8.12/samples
- sendmail_path = /usr/sbin/sendmail.postfix
- setgid_group = postdrop
- smtpd_recipient_restrictions = permit_mynetworks,permit_tls_all_clientcerts,reject_unauth_destination
- smtpd_tls_CAfile = /etc/ssl/certs/tgcacert.pem
- smtpd_tls_ask_ccert = yes
- smtpd_tls_cert_file = /etc/ssl/certs/srv0.pem
- smtpd_tls_key_file = /etc/ssl/certs/srv0.key
- smtpd_tls_loglevel = 2
- smtpd_tls_security_level = encrypt
- unknown_local_recipient_reject_code = 550
- LOG:
- Sep 2 17:49:17 srv0 postfix/postfix-script[22251]: starting the Postfix mail system
- Sep 2 17:49:17 srv0 postfix/master[22252]: daemon started -- version 2.8.12, configuration /etc/postfix
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: initializing the server-side TLS engine
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: connect from work.tg.local[172.21.177.89]
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: setting up TLS connection from work.tg.local[172.21.177.89]
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: work.tg.local[172.21.177.89]: TLS cipher list "ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!aNULL"
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:before/accept initialization
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 read client hello A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 write server hello A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 write certificate A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 write key exchange A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 write certificate request A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 flush data
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 read client certificate A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 read client key exchange A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 read finished A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 write session ticket A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 write change cipher spec A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 write finished A
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: SSL_accept:SSLv3 flush data
- Sep 2 17:50:08 srv0 postfix/smtpd[22326]: Anonymous TLS connection established from work.tg.local[172.21.177.89]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
- Sep 2 17:50:53 srv0 postfix/smtpd[22326]: improper command pipelining after MAIL from work.tg.local[172.21.177.89]
- Sep 2 17:50:53 srv0 postfix/smtpd[22326]: D5AD67A00F3: client=work.tg.local[172.21.177.89]
- Sep 2 17:50:53 srv0 postfix/cleanup[22334]: D5AD67A00F3: message-id=<>
- Sep 2 17:50:53 srv0 postfix/qmgr[22255]: D5AD67A00F3: from=<zabbix@mynet.ru>, size=368, nrcpt=1 (queue active)
- Sep 2 17:50:53 srv0 postfix/smtp[22335]: D5AD67A00F3: to=<amalogulko@mymail.ru>, orig_to=<amalogulko@mymail.ru.>, relay=mailhost.vimpelcom.ru[192.168.155.71]:25, delay=0.06, delays=0.01/0.01/0.01/0.03, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as DAE06C9A1E)
- Sep 2 17:50:53 srv0 postfix/qmgr[22255]: D5AD67A00F3: removed
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement