# Trouble with Postfix and SMTPS



## circus78 (Nov 17, 2013)

Hi,

I'm getting this error while sending email through my mail server (mail/postfix-current-2.11.20131001,4):


```
Nov 17 13:04:32 <mail.info> nightschool postfix/smtps/smtpd[70855]: connect from unknown[192.168.106.14]
Nov 17 13:04:32 <mail.info> nightschool postfix/smtps/smtpd[70855]: SSL_accept error from unknown[192.168.106.14]: 0
Nov 17 13:04:32 <mail.warn> nightschool postfix/smtps/smtpd[70855]: warning: TLS library problem: 70855:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_pkt.c:1106:SSL alert number 48:
Nov 17 13:04:32 <mail.info> nightschool postfix/smtps/smtpd[70855]: lost connection after CONNECT from unknown[192.168.106.14]
Nov 17 13:04:32 <mail.info> nightschool postfix/smtps/smtpd[70855]: disconnect from unknown[192.168.106.14]
```

This is my /usr/local/etc/postfix/master.cf relevant configuration:


```
smtps     inet  n       -       n       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no
#  -o smtpd_client_restrictions=$mua_client_restrictions
#  -o smtpd_helo_restrictions=$mua_helo_restrictions
#  -o smtpd_sender_restrictions=$mua_sender_restrictions
  -o smtpd_recipient_restrictions=
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING
  -o smtpd_tls_key_file=/etc/ssl/server.key
  -o smtpd_tls_cert_file=/etc/ssl/server.crt
  -o smtpd_use_tls=no
  -o smtpd_tls_auth_only=no
  -o smtpd_tls_CAfile=/etc/ssl/cacert-root.crt
  -o smtpd_tls_loglevel=1
  -o smtpd_tls_received_header=yes
  -o smtpd_tls_session_cache_timeout=3600s
  -o broken_sasl_auth_clients=yes
  -o tls_random_source=dev:/dev/urandom
```

Can you help me on this issue?
Thank you.


----------



## quintessence (Nov 19, 2013)

Hi,

The information you provided is almost none. Debug the connection from the client side with OpenSSL or from the server side by placing -vvv args after the command smtpd for the service smtps in master.cf. Also check all your certificates (for which you don't provide any info) both on client and server sides.


----------



## circus78 (Nov 26, 2013)

Hi @quintessence,

I solved this by removing only two lines:

```
-o syslog_name=postfix/smtps
-o milter_macro_daemon_name=ORIGINATING
```
Other configuration was fine.


----------

