lost connection after STARTTLS: Postfix

by webo   Last Updated September 11, 2019 17:00 PM - source

I've setup a Postfix + Courier server and have a Rails app configured with the SMTP server settings. Whenever the Rails app tries to send an email, this is what appears in the Postfix log (additional log verbosity set in master.cf)

Feb 22 03:57:24 alpha postfix/smtpd[1601]: Anonymous TLS connection established from localhost[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Feb 22 03:57:24 alpha postfix/smtpd[1601]: smtp_get: EOF
Feb 22 03:57:24 alpha postfix/smtpd[1601]: match_hostname: localhost ~? 127.0.0.0/8
Feb 22 03:57:24 alpha postfix/smtpd[1601]: match_hostaddr: 127.0.0.1 ~? 127.0.0.0/8
Feb 22 03:57:24 alpha postfix/smtpd[1601]: lost connection after STARTTLS from localhost[127.0.0.1]
Feb 22 03:57:24 alpha postfix/smtpd[1601]: disconnect from localhost[127.0.0.1]
Feb 22 03:57:24 alpha postfix/smtpd[1601]: master_notify: status 1
Feb 22 03:57:24 alpha postfix/smtpd[1601]: connection closed

Any ideas as to why it's losing the connection after authentication?



Answers 2


Perhaps the rails app doesn't trust the postfix certificate?

Steven
Steven
February 22, 2011 04:03 AM

ActionMailer was changed to a more secure default configuration and checks the server certificate in TLS mode (since version 2-something or 3).

Some solutions are:

  • Restore the old Rails behaviour in the app: add openssl_verify_mode: 'none' to the Rails config
  • Disable TLS on the server: set smtpd_use_tls=no in your Postfix config
  • Set up valid TLS certificates on the server, which are verifiable using a certificate authority on the client (the Rails app). This is probably overkill if it's the same server as appears to be the case in this example, but for this kind of configuration you will want to make sure smtpd is not listening on a public port.
Dave Burt
Dave Burt
May 06, 2015 11:30 AM

Related Questions





nginx blank page with puma and rails on beanstalk

Updated April 16, 2018 08:00 AM