Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. exim>
  3. users
Strange messages related to TLS
exim-users at lists
Mar 13, 2024, 12:23 PM
Post #1 of 4 (57 views)
Permalink
Hi,

I have several servers configured with exim4 and only on one of them I
have error messages related to TLS.
When I use the adjective "strange", I do it because I have no idea why
sometimes the error occurs and sometimes not (sorry).

The server where the errors appear has exim4 4.96 installed with debian
12 and gnutls 3.7.9. In the rest of the servers (no errors here) is
exim4 4.94.2 with debian 11 and gnutls 3.7.1.

All messages are delivered correctly.

Examples of this behavior are shown below:

- Sending to gmail: H=gmail-smtp-in.l.google.com [142.250.27.26] TLS
error on connection (recv): The TLS connection was non-properly terminated.
- Sending to yahoo: no error
- Sending through an external relay:
H=email-smtp.eu-north-1.amazonaws.com [13.48.208.88] TLS error on
connection (recv): A TLS fatal alert has been received: User canceled.

And so on with some others ...

I have read several messages on this mailing list that don't give
importance to these errors, but I don't understand very well why the
error appears with some servers (gmail, relay aws) and not with others
(yahoo and others).
Does it have to do with the new versions of exim4 software, gnutls or
debian? I would like to have some more information, if anyone has it.
Are we sure that there is no problem with these errors?

Thanks for everything

--
Marie H.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Strange messages related to TLS [ In reply to ]
exim-users at lists
Mar 13, 2024, 2:48 PM
Post #2 of 4 (57 views)
Permalink
On 13/03/2024 19:23, mhbeyle--- via Exim-users wrote:
> I have several servers configured with exim4

That name is the Debian binary for Exim. Nobody else calls it that.
Version 3 of Exim went obsolete TWENTY YEARS ago.


> - Sending to gmail: H=gmail-smtp-in.l.google.com [142.250.27.26] TLS error on connection (recv): The TLS connection was non-properly terminated.

Gmail cannot be bothered to properly close down a TLS session; they just drop the TCP
connection. The GnuTLS library reports this.

> - Sending to yahoo: no error

I assume you are not concerned by this.

> - Sending through an external relay: H=email-smtp.eu-north-1.amazonaws.com [13.48.208.88] TLS error on connection (recv): A TLS fatal alert has been received: User canceled.

That one I have not seen ("User canceled").
You could get a packet capture and decode the actual TLS record this external
relay sent, possibly. Or you could enquire of the operators of that relay what they are doing.

>
> And so on with some others ...

If you do not give details, it is hard to comment.

> Are we sure that there is no problem with these errors?

You said "All messages are delivered correctly."
Do you have some other criterion for there being a problem?
--
Cheers,
Jeremy


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Strange messages related to TLS [ In reply to ]
exim-users at lists
Mar 14, 2024, 4:03 AM
Post #3 of 4 (57 views)
Permalink
Thank you for your response.

Sorry for being so terse with the question, but basically I assume that
there is no problem with these error messages since the messages are
delivered without problems.
What I don't understand is why on the other systems (with virtually the
same configurations), these error messages do not appear in the logs and
I understand that they are occurring (e.g. gmail drops the TCP
connection on all systems, not just this one -I don't know-).
Is there any documented change in the exim or gnutls versions that
causes this change in the logs?

--
Regards,
Marie

El 13/03/2024 a las 22:48, Jeremy Harris via Exim-users escribió:
> On 13/03/2024 19:23, mhbeyle--- via Exim-users wrote:
>> I have several servers configured with exim4
>
> That name is the Debian binary for Exim.  Nobody else calls it that.
> Version 3 of Exim went obsolete TWENTY YEARS ago.
>
>
>> - Sending to gmail: H=gmail-smtp-in.l.google.com [142.250.27.26] TLS
>> error on connection (recv): The TLS connection was non-properly
>> terminated.
>
> Gmail cannot be bothered to properly close down a TLS session; they
> just drop the TCP
> connection.  The GnuTLS library reports this.
>
>> - Sending to yahoo: no error
>
> I assume you are not concerned by this.
>
>> - Sending through an external relay:
>> H=email-smtp.eu-north-1.amazonaws.com [13.48.208.88] TLS error on
>> connection (recv): A TLS fatal alert has been received: User canceled.
>
> That one I have not seen ("User canceled").
> You could get a packet capture and decode the actual TLS record this
> external
> relay sent, possibly.  Or you could enquire of the operators of that
> relay what they are doing.
>
>>
>> And so on with some others ...
>
> If you do not give details, it is hard to comment.
>
>> Are we sure that there is no problem with these errors?
>
> You said "All messages are delivered correctly."
> Do you have some other criterion for there being a problem?


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Strange messages related to TLS [ In reply to ]
exim-users at lists
Mar 14, 2024, 6:45 AM
Post #4 of 4 (57 views)
Permalink
On 14/03/2024 11:03, mhbeyle--- via Exim-users wrote:
> Is there any documented change in the exim or gnutls versions that causes this change in the logs?

I can't speak for GnuTLS, but it is not unlikely that its behaviour
changed between those versions.

For Exim, we do not bother documenting every minor code change. We do
document ones we feel worthy, in a couple of files called NewStuff and ChangeLog.
Apart from those and the overall project specification ( https://exim.org/docs.html )
the actual source is the ultimate documentation. It is published under git,
so history is available.
--
Cheers,
Jeremy


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal