Настроил виртуальный почтовый сервер (postfix + dovecot + postfix.admin)
openSUSE 12.3 x86_64 (stf.pp.ua)
postfix 2.9.6
dovecot 2.2.4
poostfix.admin 2.3.6
#stf:/ # postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = /usr/share/doc/packages/postfix-doc/html
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost
mydomain = pp.ua
myhostname = stf.pp.ua
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
sample_directory = /usr/share/doc/packages/postfix-doc/samples
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_tls_cert_file = /etc/ssl/certs/stf.pp.ua.crt
smtp_tls_key_file = /etc/ssl/private/stf.pp.ua.rsa
smtp_tls_loglevel = 4
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/stf.pp.ua.crt
smtpd_tls_key_file = /etc/ssl/private/stf.pp.ua.rsa
smtpd_tls_loglevel = 4
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_session_cache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:51
virtual_mailbox_base = /var/spool/mail/virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 51
virtual_transport = virtual
virtual_uid_maps = static:51
cat /etc/postfix/master.cf (За комментированные строки убрал)
submission inet n - n - - smtpd -v
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_local_domain=$myhostname
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_login_maps=hash:/etc/postfix/virtual
-o smtpd_sender_restrictions=reject_sender_login_mismatch
-o smtpd_recipient_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
stf:/ # doveconf -n
# 2.2.4: /etc/dovecot/dovecot.conf
# OS: Linux 3.10.0-1.g3dcd746-desktop x86_64 openSUSE 12.3 (x86_64) ext4
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = digest-md5 plain
auth_verbose = yes
auth_verbose_passwords = plain
base_dir = /var/run/dovecot/
debug_log_path = /var/log/dovecot/dovecot-debug.log
disable_plaintext_auth = no
first_valid_gid = 12
first_valid_uid = 8
info_log_path = /var/log/dovecot/dovecot-info.log
last_valid_gid = 51
last_valid_uid = 51
log_path = /var/log/dovecot/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = postfix
mail_debug = yes
mail_location = maildir:/var/spool/mail/virtual/%d/%n
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-userdb {
group = postfix
mode = 0660
user = postfix
}
}
service dict {
unix_listener dict {
group = postfix
mode = 0660
user = postfix
}
}
service director {
unix_listener director-userdb {
mode = 0660
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener lmtp {
mode = 0666
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
ssl_cert = </etc/ssl/certs/stf.pp.ua.crt
ssl_key = </etc/ssl/private/stf.pp.ua.rsa
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
verbose_ssl = yes
Где ключи создавались так:
# openssl genrsa -out stf.pp.ua.rsa 2048
# openssl req -new -x509 -days 3653 -key stf.pp.ua.rsa -out stf.pp.ua.crt
Идентификаторы групп и пользавателей:
mail:mail(8:12) postfix:postfix(51:51)
Суть проблемы в том. что провайдер режет на выходе 25-ый порт (сервер из вне по нему доступен, но через telnet подключиться к любому из smtp серверов нельзя).
Я пытаюсь для отправки и доставки почты использовать 587-ой порт, но sendmal -t ломится на 25 (connect to gmail-smtp-in.l.google.com[173.194.71.26]:25: Connection timed out), хотя гугл вполне поддерживает TLS и может получать на 587-ой порт
А при использовании telnet localhost 587 возникает странная ошибка TLS
# telnet localhost 587
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 stf.pp.ua ESMTP Postfix (2.9.6)
# EHLO localhost
250-stf.pp.ua
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
# STARTTLS
220 2.0.0 Ready to start TLS
# MAIL FROM:ilya@stf.pp.ua
Connection closed by foreign host.
При этом, не ввожу STARTTLS, то и начинаю вводить заголовки. то мне пишется
530 5.7.0 Must issue a STARTTLS command first
В логе mail.err всегда пусто. в логе mail.warn ещё при запуске сервера присутствуют странные строки:
2013-07-11T16:11:24.438327+03:00 stf postfix/tlsmgr[8719]: warning: request to update table btree:/var/spool/postfix/smtpd_tls_session_cache in non-postfix directory /var/spool/postfix
2013-07-11T16:11:24.438715+03:00 stf postfix/tlsmgr[8719]: warning: redirecting the request to postfix-owned data_directory /var/lib/postfix
При этом если владельцем папки /var/spool/postfix/ сделать postfix и/или права поставить выше 755. то при запуске systemctl status postfix.service предупреждает о том. что владелец этой папки НЕ root и/или группе или остальным разрешено записывать в неё.
Инными словами root:root 755 вполне нормальные привелегии для /var/spool/postfix/ и откуда берётся первая строчка понятия не имею, но тем не менее директория /var/lib/postfix/ существует и владеет ей postfix и имеет права на запись. так что всё что я в нём ничего страшного не вижу.
Другое дело. появляется ещё одна строчка при закрытии telnet-а когда я пытаюсь прописать заголовки:
2013-07-11T17:02:49.534813+03:00 stf postfix/smtpd[9039]: warning: TLS library problem: 9039:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:628:
При этом полный лог происходящего в mail.inf выглядит так:
2013-07-11T17:02:11.999903+03:00 stf postfix/smtpd[9039]: name_mask: all
2013-07-11T17:02:12.001328+03:00 stf postfix/smtpd[9039]: inet_addr_local: configured 2 IPv4 addresses
2013-07-11T17:02:12.002187+03:00 stf postfix/smtpd[9039]: inet_addr_local: configured 0 IPv6 addresses
2013-07-11T17:02:12.003270+03:00 stf postfix/smtpd[9039]: process generation: 23 (23)
2013-07-11T17:02:12.004244+03:00 stf postfix/smtpd[9039]: match_string: mynetworks ~? debug_peer_list
2013-07-11T17:02:12.006310+03:00 stf postfix/smtpd[9039]: match_string: mynetworks ~? fast_flush_domains
2013-07-11T17:02:12.007559+03:00 stf postfix/smtpd[9039]: match_string: mynetworks ~? mynetworks
2013-07-11T17:02:12.008549+03:00 stf postfix/smtpd[9039]: match_string: relay_domains ~? debug_peer_list
2013-07-11T17:02:12.009508+03:00 stf postfix/smtpd[9039]: match_string: relay_domains ~? fast_flush_domains
2013-07-11T17:02:12.010141+03:00 stf postfix/smtpd[9039]: match_string: relay_domains ~? mynetworks
2013-07-11T17:02:12.010548+03:00 stf postfix/smtpd[9039]: match_string: relay_domains ~? permit_mx_backup_networks
2013-07-11T17:02:12.011144+03:00 stf postfix/smtpd[9039]: match_string: relay_domains ~? qmqpd_authorized_clients
2013-07-11T17:02:12.011598+03:00 stf postfix/smtpd[9039]: match_string: relay_domains ~? relay_domains
2013-07-11T17:02:12.012117+03:00 stf postfix/smtpd[9039]: match_string: permit_mx_backup_networks ~? debug_peer_list
2013-07-11T17:02:12.012558+03:00 stf postfix/smtpd[9039]: match_string: permit_mx_backup_networks ~? fast_flush_domains
2013-07-11T17:02:12.013031+03:00 stf postfix/smtpd[9039]: match_string: permit_mx_backup_networks ~? mynetworks
2013-07-11T17:02:12.013454+03:00 stf postfix/smtpd[9039]: match_string: permit_mx_backup_networks ~? permit_mx_backup_networks
2013-07-11T17:02:12.013877+03:00 stf postfix/smtpd[9039]: connect to subsystem private/proxymap
2013-07-11T17:02:12.014395+03:00 stf postfix/smtpd[9039]: send attr request = open
2013-07-11T17:02:12.014825+03:00 stf postfix/smtpd[9039]: send attr table = unix:passwd.byname
2013-07-11T17:02:12.015314+03:00 stf postfix/smtpd[9039]: send attr flags = 0
2013-07-11T17:02:12.015778+03:00 stf postfix/smtpd[9039]: private/proxymap socket: wanted attribute: status
2013-07-11T17:02:12.016319+03:00 stf postfix/smtpd[9039]: input attribute name: status
2013-07-11T17:02:12.016920+03:00 stf postfix/smtpd[9039]: input attribute value: 0
2013-07-11T17:02:12.017373+03:00 stf postfix/smtpd[9039]: private/proxymap socket: wanted attribute: flags
2013-07-11T17:02:12.017865+03:00 stf postfix/smtpd[9039]: input attribute name: flags
2013-07-11T17:02:12.018245+03:00 stf postfix/smtpd[9039]: input attribute value: 16
2013-07-11T17:02:12.018675+03:00 stf postfix/smtpd[9039]: private/proxymap socket: wanted attribute: (list terminator)
2013-07-11T17:02:12.019060+03:00 stf postfix/smtpd[9039]: input attribute name: (end)
2013-07-11T17:02:12.019436+03:00 stf postfix/smtpd[9039]: dict_proxy_open: connect to map=unix:passwd.byname status=0 server_flags=fixed
2013-07-11T17:02:12.019828+03:00 stf postfix/smtpd[9039]: dict_open: proxy:unix:passwd.byname
2013-07-11T17:02:12.020202+03:00 stf postfix/smtpd[9039]: Compiled against Berkeley DB: 4.8.30?
2013-07-11T17:02:12.020570+03:00 stf postfix/smtpd[9039]: Run-time linked against Berkeley DB: 4.8.30?
2013-07-11T17:02:12.020959+03:00 stf postfix/smtpd[9039]: dict_open: hash:/etc/aliases
2013-07-11T17:02:12.021334+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: user = postfix
2013-07-11T17:02:12.021774+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: password = mVJ9WfFGVKmyNAGr
2013-07-11T17:02:12.022161+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: dbname = postfix
2013-07-11T17:02:12.022525+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: result_format = %s
2013-07-11T17:02:12.022920+03:00 stf postfix/smtpd[9039]: cfg_get_int: /etc/postfix/mysql_virtual_alias_maps.cf: expansion_limit = 0
2013-07-11T17:02:12.050215+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: query = <NULL>
2013-07-11T17:02:12.050636+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: table = alias
2013-07-11T17:02:12.051090+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: select_field = goto
2013-07-11T17:02:12.051455+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: where_field = address
2013-07-11T17:02:12.051834+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: additional_conditions = and active = '1'
2013-07-11T17:02:12.052210+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: domain =
2013-07-11T17:02:12.052584+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_alias_maps.cf: hosts = localhost
2013-07-11T17:02:12.052990+03:00 stf postfix/smtpd[9039]: dict_open: mysql:/etc/postfix/mysql_virtual_alias_maps.cf
2013-07-11T17:02:12.053333+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: user = postfix
2013-07-11T17:02:12.053695+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: password = mVJ9WfFGVKmyNAGr
2013-07-11T17:02:12.054063+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: dbname = postfix
2013-07-11T17:02:12.054474+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: result_format = %s
2013-07-11T17:02:12.054857+03:00 stf postfix/smtpd[9039]: cfg_get_int: /etc/postfix/mysql_virtual_mailbox_maps.cf: expansion_limit = 0
2013-07-11T17:02:12.055216+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: query = <NULL>
2013-07-11T17:02:12.055581+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: table = mailbox
2013-07-11T17:02:12.055970+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: select_field = maildir
2013-07-11T17:02:12.056341+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: where_field = username
2013-07-11T17:02:12.056683+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: additional_conditions =
2013-07-11T17:02:12.057080+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: domain =
2013-07-11T17:02:12.057564+03:00 stf postfix/smtpd[9039]: cfg_get_str: /etc/postfix/mysql_virtual_mailbox_maps.cf: hosts = localhost
2013-07-11T17:02:12.057942+03:00 stf postfix/smtpd[9039]: dict_open: mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
2013-07-11T17:02:12.058316+03:00 stf postfix/smtpd[9039]: match_string: smtpd_access_maps ~? debug_peer_list
2013-07-11T17:02:12.058739+03:00 stf postfix/smtpd[9039]: match_string: smtpd_access_maps ~? fast_flush_domains
2013-07-11T17:02:12.059161+03:00 stf postfix/smtpd[9039]: match_string: smtpd_access_maps ~? mynetworks
2013-07-11T17:02:12.059581+03:00 stf postfix/smtpd[9039]: match_string: smtpd_access_maps ~? permit_mx_backup_networks
2013-07-11T17:02:12.060019+03:00 stf postfix/smtpd[9039]: match_string: smtpd_access_maps ~? qmqpd_authorized_clients
2013-07-11T17:02:12.060530+03:00 stf postfix/smtpd[9039]: match_string: smtpd_access_maps ~? relay_domains
2013-07-11T17:02:12.061158+03:00 stf postfix/smtpd[9039]: match_string: smtpd_access_maps ~? smtpd_access_maps
2013-07-11T17:02:12.061668+03:00 stf postfix/smtpd[9039]: Compiled against Berkeley DB: 4.8.30?
2013-07-11T17:02:12.062176+03:00 stf postfix/smtpd[9039]: Run-time linked against Berkeley DB: 4.8.30?
2013-07-11T17:02:12.062622+03:00 stf postfix/smtpd[9039]: dict_open: hash:/etc/postfix/virtual
2013-07-11T17:02:12.062979+03:00 stf postfix/smtpd[9039]: unknown_helo_hostname_tempfail_action = defer_if_permit
2013-07-11T17:02:12.063360+03:00 stf postfix/smtpd[9039]: unknown_address_tempfail_action = defer_if_permit
2013-07-11T17:02:12.063733+03:00 stf postfix/smtpd[9039]: unverified_recipient_tempfail_action = defer_if_permit
2013-07-11T17:02:12.064116+03:00 stf postfix/smtpd[9039]: unverified_sender_tempfail_action = defer_if_permit
2013-07-11T17:02:12.064489+03:00 stf postfix/smtpd[9039]: name_mask: 4
2013-07-11T17:02:12.064930+03:00 stf postfix/smtpd[9039]: initializing the server-side TLS engine
2013-07-11T17:02:12.065305+03:00 stf postfix/smtpd[9039]: auto_clnt_create: transport=local endpoint=private/tlsmgr
2013-07-11T17:02:12.065879+03:00 stf postfix/smtpd[9039]: auto_clnt_open: connected to private/tlsmgr
2013-07-11T17:02:12.066389+03:00 stf postfix/smtpd[9039]: send attr request = seed
2013-07-11T17:02:12.066899+03:00 stf postfix/smtpd[9039]: send attr size = 32
2013-07-11T17:02:12.067328+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: status
2013-07-11T17:02:12.067704+03:00 stf postfix/smtpd[9039]: input attribute name: status
2013-07-11T17:02:12.068105+03:00 stf postfix/smtpd[9039]: input attribute value: 0
2013-07-11T17:02:12.068544+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: seed
2013-07-11T17:02:12.068900+03:00 stf postfix/smtpd[9039]: input attribute name: seed
2013-07-11T17:02:12.069270+03:00 stf postfix/smtpd[9039]: input attribute value: WXsG+pI9dTVk4irg89NpjsGf/V9uiRoyYv5/vT8EKjM=
2013-07-11T17:02:12.069644+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: (list terminator)
2013-07-11T17:02:12.070018+03:00 stf postfix/smtpd[9039]: input attribute name: (end)
2013-07-11T17:02:12.070385+03:00 stf postfix/smtpd[9039]: send attr request = policy
2013-07-11T17:02:12.070837+03:00 stf postfix/smtpd[9039]: send attr cache_type = smtpd
2013-07-11T17:02:12.071218+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: status
2013-07-11T17:02:12.071775+03:00 stf postfix/smtpd[9039]: input attribute name: status
2013-07-11T17:02:12.072331+03:00 stf postfix/smtpd[9039]: input attribute value: 0
2013-07-11T17:02:12.072861+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: cachable
2013-07-11T17:02:12.073285+03:00 stf postfix/smtpd[9039]: input attribute name: cachable
2013-07-11T17:02:12.073662+03:00 stf postfix/smtpd[9039]: input attribute value: 1
2013-07-11T17:02:12.074025+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: (list terminator)
2013-07-11T17:02:12.074403+03:00 stf postfix/smtpd[9039]: input attribute name: (end)
2013-07-11T17:02:12.074787+03:00 stf postfix/smtpd[9039]: match_string: fast_flush_domains ~? debug_peer_list
2013-07-11T17:02:12.075164+03:00 stf postfix/smtpd[9039]: match_string: fast_flush_domains ~? fast_flush_domains
2013-07-11T17:02:12.075601+03:00 stf postfix/smtpd[9039]: auto_clnt_create: transport=local endpoint=private/anvil
2013-07-11T17:02:12.075993+03:00 stf postfix/smtpd[9039]: connection established
2013-07-11T17:02:12.076360+03:00 stf postfix/smtpd[9039]: master_notify: status 0
2013-07-11T17:02:12.076753+03:00 stf postfix/smtpd[9039]: name_mask: resource
2013-07-11T17:02:12.077121+03:00 stf postfix/smtpd[9039]: name_mask: software
2013-07-11T17:02:12.077499+03:00 stf postfix/smtpd[9039]: connect from localhost[127.0.0.1]
2013-07-11T17:02:12.077854+03:00 stf postfix/smtpd[9039]: match_list_match: localhost: no match
2013-07-11T17:02:12.078207+03:00 stf postfix/smtpd[9039]: match_list_match: 127.0.0.1: no match
2013-07-11T17:02:12.078614+03:00 stf postfix/smtpd[9039]: match_list_match: localhost: no match
2013-07-11T17:02:12.078975+03:00 stf postfix/smtpd[9039]: match_list_match: 127.0.0.1: no match
2013-07-11T17:02:12.079318+03:00 stf postfix/smtpd[9039]: smtp_stream_setup: maxtime=300 enable_deadline=0
2013-07-11T17:02:12.079686+03:00 stf postfix/smtpd[9039]: match_hostname: localhost ~? 127.0.0.0/8
2013-07-11T17:02:12.080076+03:00 stf postfix/smtpd[9039]: match_hostaddr: 127.0.0.1 ~? 127.0.0.0/8
2013-07-11T17:02:12.080418+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 220 stf.pp.ua ESMTP Postfix (2.9.6)
2013-07-11T17:02:26.994287+03:00 stf postfix/smtpd[9039]: < localhost[127.0.0.1]: EHLO localhost
2013-07-11T17:02:26.996004+03:00 stf postfix/smtpd[9039]: match_list_match: localhost: no match
2013-07-11T17:02:26.996852+03:00 stf postfix/smtpd[9039]: match_list_match: 127.0.0.1: no match
2013-07-11T17:02:26.997640+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250-stf.pp.ua
2013-07-11T17:02:26.998543+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250-PIPELINING
2013-07-11T17:02:26.999449+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250-SIZE 10240000
2013-07-11T17:02:27.000058+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250-VRFY
2013-07-11T17:02:27.000386+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250-ETRN
2013-07-11T17:02:27.000715+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250-STARTTLS
2013-07-11T17:02:27.001052+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250-ENHANCEDSTATUSCODES
2013-07-11T17:02:27.001446+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250-8BITMIME
2013-07-11T17:02:27.001781+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 250 DSN
2013-07-11T17:02:31.801466+03:00 stf postfix/smtpd[9039]: < localhost[127.0.0.1]: STARTTLS
2013-07-11T17:02:31.802884+03:00 stf postfix/smtpd[9039]: > localhost[127.0.0.1]: 220 2.0.0 Ready to start TLS
2013-07-11T17:02:31.803994+03:00 stf postfix/smtpd[9039]: setting up TLS connection from localhost[127.0.0.1]
2013-07-11T17:02:31.804911+03:00 stf postfix/smtpd[9039]: localhost[127.0.0.1]: TLS cipher list "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
2013-07-11T17:02:31.805967+03:00 stf postfix/smtpd[9039]: send attr request = seed
2013-07-11T17:02:31.807094+03:00 stf postfix/smtpd[9039]: send attr size = 32
2013-07-11T17:02:31.808024+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: status
2013-07-11T17:02:31.808946+03:00 stf postfix/smtpd[9039]: input attribute name: status
2013-07-11T17:02:31.809890+03:00 stf postfix/smtpd[9039]: input attribute value: 0
2013-07-11T17:02:31.810795+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: seed
2013-07-11T17:02:31.811691+03:00 stf postfix/smtpd[9039]: input attribute name: seed
2013-07-11T17:02:31.812670+03:00 stf postfix/smtpd[9039]: input attribute value: JVrseEm1JT66rxd421jOpOoekAbs7vcWfyBr+l/Us7I=
2013-07-11T17:02:31.813808+03:00 stf postfix/smtpd[9039]: private/tlsmgr: wanted attribute: (list terminator)
2013-07-11T17:02:31.814709+03:00 stf postfix/smtpd[9039]: input attribute name: (end)
2013-07-11T17:02:31.815610+03:00 stf postfix/smtpd[9039]: SSL_accept:before/accept initialization
2013-07-11T17:02:31.816577+03:00 stf postfix/smtpd[9039]: read from 7FC21BED46D0 [7FC21BEDA870] (11 bytes => -1 (0xFFFFFFFFFFFFFFFF))
2013-07-11T17:02:49.530449+03:00 stf postfix/smtpd[9039]: read from 7FC21BED46D0 [7FC21BEDA870] (11 bytes => 11 (0xB))
2013-07-11T17:02:49.531467+03:00 stf postfix/smtpd[9039]: 0000 4d 41 49 4c 20 46 52 4f|4d 3a 69 MAIL FRO M:i
2013-07-11T17:02:49.532718+03:00 stf postfix/smtpd[9039]: SSL_accept:error in SSLv2/v3 read client hello A
2013-07-11T17:02:49.533685+03:00 stf postfix/smtpd[9039]: SSL_accept error from localhost[127.0.0.1]: -1
2013-07-11T17:02:49.534813+03:00 stf postfix/smtpd[9039]: warning: TLS library problem: 9039:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:628:
2013-07-11T17:02:49.535817+03:00 stf postfix/smtpd[9039]: match_hostname: localhost ~? 127.0.0.0/8
2013-07-11T17:02:49.536707+03:00 stf postfix/smtpd[9039]: match_hostaddr: 127.0.0.1 ~? 127.0.0.0/8
2013-07-11T17:02:49.537597+03:00 stf postfix/smtpd[9039]: lost connection after STARTTLS from localhost[127.0.0.1]
2013-07-11T17:02:49.538488+03:00 stf postfix/smtpd[9039]: disconnect from localhost[127.0.0.1]
2013-07-11T17:02:49.539404+03:00 stf postfix/smtpd[9039]: master_notify: status 1
2013-07-11T17:02:49.540326+03:00 stf postfix/smtpd[9039]: connection closed
2013-07-11T17:02:49.541210+03:00 stf postfix/smtpd[9039]: proxymap stream disconnect
2013-07-11T17:02:49.542281+03:00 stf postfix/smtpd[9039]: auto_clnt_close: disconnect private/tlsmgr stream
Помогите понять откуда берётся проблема TLS-а и почему разрывается соединение при попытке отправить заголовок?