Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enforcing TLS for LMTP not possible #3278

Closed
felixauringer opened this issue Feb 26, 2024 · 0 comments · Fixed by #3279
Closed

Enforcing TLS for LMTP not possible #3278

felixauringer opened this issue Feb 26, 2024 · 0 comments · Fixed by #3279

Comments

@felixauringer
Copy link
Contributor

Describe the bug

When enforcing TLS, the only commands available before a TLS connection is established are EHLO and STARTTLS. LHLO is not allowed. Therefore, a STARTTLS connection for LMTP can not be established if TLS is enforced for the LMTP host. This line is responsible for this behavior.

Expected behavior

TLS should also be enforceable for LMTP.

Observed behavior

When enforcing TLS for the configured LMTP host, the connection will always be aborted, even if TLS is possible.

Steps To Reproduce

  • configure queue/lmtp plugin
  • add the LMTP host to force_tls_hosts[] in the [outbound] section of tls.ini

System Info:

Haraka Haraka.js — Version: 3.0.1
Node v21.6.2
OS Linux example.fauringer.de 6.7.5-arch1-1 #1 SMP PREEMPT_DYNAMIC Sat, 17 Feb 2024 14:02:33 +0000 x86_64 GNU/Linux
openssl OpenSSL 1.1.1w 11 Sep 2023

(I know that this is not the newest Haraka version but the issue is also present in the latest release.)

Additional context

I am currently working on a fix and will open a PR soon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant