I am using Windows Live Domains for a while now. Yesterday, I upgraded my server from Debian 6 to Debian 7.
With the system, OpenSSL got updated from 0.9.8o to 1.0.1e. Since 1.0.0, they disabled SSLv2 because of a security leak.
Anyway, SSLv3 is still available and should work. However, I am unable to connect to smtp.live.com with SSLv3:
$ openssl s_client -connect smtp.live.com:587 -ssl2
unknown option -ssl2
usage: s_client args
$ openssl s_client -connect smtp.live.com:587 -ssl3
CONNECTED(0000000A)
139740968756904:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1377428504
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
It looks like SSLv3 is not available on smtp.live.com, but as SSLv2 has been disabled, I'm totally unable to connect to SMTP...
Because of this, all my services stopped sending mails, including GitLab, Redmine and Jenkins :(
Is there any way to send mails using plain authentication, or to enable SSLv3 on servers?
Regards,
Mikael.
Recent Comments